I'm trying to check a specific IIS configuration, which should reject weak SSL certificates.
How would I go about creating an SSL certificate with either RC4 or DES encryption?
I've tried using openssl with the -des flag, but it seems to still create a sha256 cert.
The choice of the symmetric cipher used in TLS (i.e. RC4, DES, AES...) does not depend on the certificate. This means that any certificate you'll create can be used together with RC4, DES, ... . Instead of trying to enforce a strong cipher using the certificate you have to do this in the server configuration. See Mozilla: Security/Server Side TLS for examples on how to configure common web servers with strong ciphers.