Nigel Bowden of Wifi Nigel comments:
Most of the time, a Microsoft PKI infrastructure is used to issue a certificate to the NPS server, which is a relatively straightfoward process that is well documented in official Microsoft documentation.
However, there may be times when you want to fire up a version of NPS (perhaps in a lab or POC environment) and just put on your own self-signed certificate, instead of having the additional overhead of getting CA servers etc. going.
Finding out how to create and install your own self-signed certificate is not that easy to do, so I thought I’d document the process I managed to get going recently, which may help someone save themselves some time at some point.
Setting up a certificate isn’t easy to do. Active Directory is the de facto identity store today, so Nigel’s shortcuts will help immensely with the process.