Certificates with SDK tools (makecert, pvk2pfx)

Question

Certificates with SDK tools (makecert, pvk2pfx)

I need to make two certificates: CA certificate and server certificate.

I use these commands.

makecert -r -pe -n "CN=CACert" -a sha1 -sky signature -cy authority -sv CACert.pvk CACert.cer certutil -addstore Root TGCA.cer makecert -pe -n "CN=ServerCert" -a sha1 -sky exchange -ic CACert.cer -iv CACert.pvk -sv ServerCert.pvk ServerCert.cer pvk2pfx -pvk ServerCert.pvk -spc ServerCert.cer -pfx ServerCert.pfx

Then I import ServerCert.pfx into the certificate store.

Why don't they contain the private key in the store?

+7

certificate pfx makecert

scazy Apr 24 '11 at 17:18

source share

2 answers

So, after a long dance with a tambourine, I found a solution. The problem was in the user interface. My goal was to import pfx to local storage. This cannot be done by running the pxf file from the folder.

When pxf imports wihout pvk pass, the internal private key does not import. Password is not requested when importing to localmachine using MMC.

What I've done:

Import a pxf file from the file explorer into CurrentUser "My" (enter pvk password).
Export the certificate from the repository to a new pxf with a password.
Import new pxf into localmachine "My" storage with MMC.

I do not know other ways.

+1

scazy Apr 25 '11 at 2:18

source share

bruno.bologna · Accepted Answer · 2013-05-30T14:02:18+0000

Why aren't you trying to create a pfx file by passing the secret key password as an argument?

Try it like this.

 pvk2pfx -pvk ServerCert.pvk -spc ServerCert.cer -pfx ServerCert.pfx -pi password

As the documentation says:

/ pi pvkpassword Specifies the password for the .pvk file.

Source: http://msdn.microsoft.com/en-us/library/windows/hardware/ff550672(v=vs.85).aspx

Certificates with SDK tools (makecert, pvk2pfx)

More articles: