Collections:
Other Resources:
"makecert.exe -pe" - Export Private Key from Certificate Store
How to export my private key from the system certificate store into a file? The "export the private key" option is grayed out on the Certificate Export Wizard.
✍: FYIcenter.com
By default, private keys stored with certificates in system stores are not allowed to be exported to avoid the risk of passing your private key to others.
If you want to export the private key, you need to make it "exportable" when you create the private key with the "makecert.exe -pe" as shown in this tutorial.
1. Run the following command to create a new certificate and save it into a new system store called "TestStore":
C:\fyicenter> "\Program Files\Microsoft Visual Studio 8\sdk\v2.0\bin\makecert.exe" -n "CN=Lily Dews" -pe -ss TestStore Succeeded
2. Run the "certmgr.msc" tool and open the "TestStore > Certificates". You see "Lily Dews" certificate shows up.
3. Right-mouse click on "Lily Dews" and select "All Tasks > Export...". You see "Certificate Export Wizard" showing up.
4. Click "Next". You see "Export Private Key" screen showing up.
5. Check "Yes, export the private key" option. This is not grayed out any more, because the private key was set to "exportable".
6. Click "Next". You see "Export File Format" screen showing up with only only file format available: "Personal Information Exchange - PKCS#12 (.PRX)".
7. Click "Next". You see "Password" screen showing up. This is needed to protect your private key in the output file.
8. Enter "FYIcenter" and click "Next". You see "File to Export" screen showing up.
9. Browse for an output folder and file name like: "lily.pfx". And finish the exporting process
See the picture below:
⇒ makecert.exe - List of Command Extended Options
⇐ "makecert.exe -ss" - Create New System Certificate Store
2012-08-10, 21912🔥, 0💬
Popular Posts:
Certificate summary - Owner: t.co, Twitter Operations, "Twitter, Inc.", L=San Francisco, ST="Califor...
Why I am getting the "variable lookup failed for ca::policy" error when running OpenSSL "ca" command...
Why I am getting the "cannot lookup how many days to certify for" error when running OpenSSL "ca" co...
Certificate summary - Owner: ssl2.cdngc.net, CDNetworks Inc., L=San Jose, ST=California, US Issuer: ...
Certificate Summary: Subject: ZeroSSL RSA Domain Secure Site CA Issuer: USERTrust RSA Certification ...