Run the following in the command prompt (Replace <FQDN> with the fully qualified domain name of the Third-Party API;

Use appropriate dates for the begin date (-b switch) and end date (-e switch)):

makecert.exe -n "CN=<FQDN>" -iv RootCertificate.pvk -ic RootCertificate.cer -pe -a sha512 -len 4096 -b 01/01/2022 -e 01/01/2042 -sky exchange -eku -sv ServerCertificate.pvk ServerCertificate.cer


When prompted for passwords:

·       Subject Key: A new password

·       Subject Key: The new password

·       Issuer Signature: Root Certificate Password

Save the password that you use and the “ServerCertificate.pvk” file that is generated in a safe location.

Server Certificate Password *

your password here

Location of ServerCertificate.pvk file


Under no circumstances should the password or ServerCertificate.pvk file be provided to anyone other than USA Swimming.

Run the following in the command prompt (replace <Password> with the password from above):

pvk2pfx.exe -pvk ServerCertificate.pvk -spc ServerCertificate.cer -pfx ServerCertificate.pfx -po "<Password>"

On the Web server, import ServerCertificate.pfx into Certificates (Local Computer) -> Personal.

When prompted for a password, use the password from above.

On the Web server, use ServerCertificate.pfx as the SSL certificate for the Third-Party API.