Re: mark private key exportable

From: Keith W. McCammon (km_at_km.com)
Date: 04/29/04 

Date: Thu, 29 Apr 2004 09:23:06 -0400

I believe that you mark the private key as exportable when you import the
certificate in the first place. If you didn't mark it when you imported,
the easiest way to correct this is probably to delete and re-import from the
backup file, marking as exportable.

"Gregory" <grzesiot@polsl.gliwice.pl> wrote in message
news:ePZYizdLEHA.2068@TK2MSFTNGP11.phx.gbl...
> Hi,
>
> I do not know if this is the correct group, if not please
> point me to the right one.
>
> How do I transfer a SSL certificate with it's private key
> from one server to another?
>
> I had serverA with win2000 and an IIS web site with a
> SSL certificate. I had to upgrade this server to windows 2003.
> So I exported the certificate with the key and imported it
> on a serverB running win2003 and moved the web site there.
> This was a month ago.
> Now serverA is upgraded and I want to move the web
> site back, but to my surprise the Certificate Export Wizard says
> "The associated private key is marked as not exportable".
>
> How do I unmark the key?
>
> --
> Grzegorz Tannenberg
> Administrator
> Centrum Komputerowe
> Politechnika Šl±ska
>

Relevant Pages

  • Re: Private key generation
    ... As I wrote in my first answer to that thread - there are many situations when key pair is generated on trusted server. ... identity based encryption) simply requires generation of private key on server... ... High assurance keys (especially these that afterward are split in multiple shares using secret sharing schemes) may also require use of specialized equipment and computers that runs in a tempest/EM shielded locations. ... Default scenario supported by Microsoft Certificate Server is the most standard CA mode when CA just signs X509 certificate with emedded public keys. ...
    (microsoft.public.dotnet.security)
  • Re: Certificate key access under Network Service in IIS 6
    ... Haven't done that because I've been remoted in to the customer's server. ... It is likely the private key file but might be a registry key as well. ... I can get the signing process to work if I have the IIS Application Pool configured to run under SYSTEM but running under the preferred NETWORK SERVICE account the private key access of the certificate fails. ...
    (microsoft.public.dotnet.security)
  • Re: How to use certificates?
    ... I expect that server will know the client public key, ... > private key for that certificate. ...
    (microsoft.public.dotnet.framework.webservices.enhancements)
  • Re: IIS 6.0 SSL Certificate Difficulties
    ... that is just a plain text file with encrypted detail of your server detail. ... do you export the private key as well? ... > certificate from the IIS Snap-in it says that "You have a private key that ... > Another symptom is that when we create the request on the 2003 server, ...
    (microsoft.public.inetserver.iis)
  • Re: Private key generation
    ... Some encryption schemes (like f.e. ... identity based encryption) simply requires generation of private key on server... ... Default scenario supported by Microsoft Certificate Server is the most standard CA mode when CA just signs X509 certificate with emedded public keys. ...
    (microsoft.public.dotnet.security)