Step by Step PKI–Export and Import Certificate in Windows | Blog - RickyGao Pty Ltd
15039
post-template-default,single,single-post,postid-15039,single-format-standard,ajax_fade,page_not_loaded,,qode_grid_1300,footer_responsive_adv,qode-child-theme-ver-1.0.0,qode-theme-ver-11.2,qode-theme-bridge,wpb-js-composer js-comp-ver-5.2.1,vc_responsive

Step by Step PKI–Export and Import Certificate in Windows

Step by Step PKI–Export and Import Certificate in Windows

Now we have completed the certificate request and installed the certificate in IIS, but sometimes we may need the export certificate (private key or public key) for other purpose.

 

Export Certificate: Public Key

Exporting the pubic key certificate (.cer) is quite common since in theory, anyone can access or read the public key, because it is public key, like your home company address.

Public key certificate (.cer) can be exported from where it installed, or can be downloaded from Internet, depends on certificate.

IIS

1. Open IIS (inetmgr)

image

2. Locate the certificate, double click open the certificate

image

3. Click on “Detail” tab, and “Copy to File…”, follow the wizard to export

image

 

Windows certificate store

Depends on your certificate, some certificate sitting in “User Certificate Store (certmgr.msc)”, some in “Computer Certificate Store (certlm.msc)”

For the certificate requested from IIS, it is sitting in “Computer Certificate Store (certlm.msc)”

1. Open Windows Certificate Store

image

2. Open the certificate by double click on it

3. Export the certificate

 

 

Export Certificate: Private Key

Exporting the private key certificate can only be done on the computer where the .csr generated in the first time.

Later, you can install the exported private key onto other computer and export from there if you choose the certificate is exportable.

 

IIS

Exporting in IIS is easy and straight forward, just click on the export button

image

Leave a path and password (private key must have a password protected)

image

 

Windows Certificate Store

1. Open Windows certificate store, locate the certificate, right click, All Tasks –> Export

image

2. Exporting

Windows will ask you whether you want to export the private key or not.

If we do not export the private key, then the export will be exactly the same as we exported the public key

So let choose export the private key for now

image

3. Exporting

 

Now we have successfully exported our certificate.

 

Next: Import a certificate

1. Double click on the certificate file

2. Choose which Windows certificate store you want to import: Computer Certificate Store (certlm.msc) or User Certificate Store (certmgr.msc)

It depends on the certificate purpose: a website certificate usually goes into Computer, where a user based cert goes into User.

image

2. Follow the wizard, choose whether you want this certificate to be exportable on current computer (not the original computer where the certificate been exported)

image

3. Choose a certificate store location.

image