Certificate that I use for code signing was about to expire so I went to StartSSL to get a new one. After going through standard identity verifications only thing remaining was to submit certificate signing request (CSR). Last time I created one on my Linux machine using openssl. This time I wanted to create it under Windows.
It turns out this is not difficult at all. First step was to download openssl installation for Windows. Message about missing Visual C++ 2008 Redistributables could be safely ignored and after annoying setup procedure (why would anybody think you want to install stuff to root directory) everything was ready.
Creating certificate signing request was exactly the same command as on Linux:
openssl req -new -newkey rsa:4096 -nodes -out my.csr -keyout my.key
After answering a few questions, all that was left to do was to open resulting my.csr file in any text editor and copy/paste it to the certificate authority. Not as easy as on Linux (where openssl is usually part of OS) but close enough for me.
PS: In order to get PFX certificate based on private key and certificate file, you can also use openssl:
openssl pkcs12 -export -inkey my.key -in my.cer -out my.pfx