I am running Windows 10. I have install a certificate to my computer. I see that in my MMC. But when I try to export a pfx file for that certificate. That option is disable.
I was able to successfully export a pfx file for that certificate before on the SAME machine (say machine A). But then when I install the pfx file on another machine (say machine B) with the password that I specified. It did not work. It said password not correct or something like that. So I went back to the certificate machine (machine A), delete the certificate and install the certificate again.
Afterward, I was not longer able to export the pfx file again. Is there a way to fix this?
Can you please tell me how can I fix that?
And when I tried repairstore, I get Object was not found error:
C:\WINDOWS\system32>certutil -repairstore my 356000019dba8d5ddd348062b90000000001d
my "Personal"
CertUtil: -repairstore command FAILED: 0x80090011 (-2146893807 NTE_NOT_FOUND)
CertUtil: Object was not found.
What you’re seeing is a Windows limitation: It won’t let you use the PKCS12 format when you don’t have the certificate’s private key. Because you only imported a CER file, you don’t have the key.
If you absolutely must have a PKCS12 file containing only the certificate, use the following OpenSSL command:
openssl pkcs12 -export -nokeys -in certificate.cer -out pkcs12.pfx
In my instance, the problem was that the computer I was trying to use to generate the PFX was not the same machine that was used to generate the CSR. The big red note at the top of my instruction page stated that it must be the same machine.
User contributions licensed under CC BY-SA 3.0