...
# Set password to export certificate
$pw = ConvertTo-SecureString -String "PASSWORD_TO_ADD_HERE" -Force -AsPlainText
# Define expiration
$YearsToExpire = Read-Host “How many years should this certificate be valid”
$CertStoreLocation = "Cert:\CurrentUser\my"
$CertPath = "Cert:\CurrentUser\my\$($Cert.Thumbprint)"
$FilePath = "E:\CodeSigningCert\Code Signing Cert.pfx"
$Cert = New-SelfSignedCertificate -Type Custom -Subject "ADD SUBJECT HERE" `
-dnsname XYZ.ch `
-KeyUsage DigitalSignature `
-KeyDescription "XYZ - For code signing only." `
-KeyExportPolicy ExportableEncrypted `
-FriendlyName "MY FRIENDLY NAME" `
-CertStoreLocation $CertStoreLocation `
-TextExtension @("2.5.29.37={text}1.3.6.1.5.5.7.3.3",
"2.5.29.19={text}false") `
-NotAfter (Get-Date).AddYears($YearsToExpire)
$Cert
Export-PfxCertificate -Cert $CertPath -FilePath $FilePath -Password $pw