I wrote an article about making an SSL certificate using MAKECERT here, but that example used the default SHA1 signature hash algorithm which is deprecating. Therefore, instead of the command shown in Figure 6 on the referenced article, I recommend using this command, that includes the SHA256 attribute, similar to that shown in Figure 1:
makecert –a SHA256 -pe -iv benperkmeCA.pvk -n “CN=benjamin-perkins.me” -eku 220.127.116.11.18.104.22.168.1 -ss my -sr localmachine -sky exchange -ic BenperkmeCA.cer IIS-ServerCert-Benperk.cer
Figure 1, make a self signed certificate with stronger SHA hash algorithm
The MAKECERT tool is discussed here, where you can see that it supports numerous signature algorithms. The executable itself is included in the Windows XP Server Tools package. You might want to do some searching around for it and get it from there.