Follow

How can I get public and private keys out of IIS?

Created by: Brendan Bone
Created date:
Last Updated date:

Question

How can I get public and private keys out of IIS?

Note: Certificates in IIS are typically stored in the "Personal" or "Web Hosting" certificate store for the "Computer account".

 

Answer

 

  1. Open the Microsoft Management Console (mmc).
  2. In the File menu select "Add/Remove Snap-in".
  3. Double-click "Certificates" in the list of available snap-ins, select to manage certificates for the "Computer account" of the "Local computer", and click "Finish".
  4. Click "OK" to populate the snap-in.
  5. Navigate to the correct Certificate Store (typically "Personal" or "Web Hosting") to find the desire certificate.
  6. Right-click the desired certificate and go to All Tasks > Export.
  7. Proceed through the Certificate Export Wizard, selecting "Yes, export the private key".
  8. Select to export a PFX, with "Include all certificates in the certification path if possible".
  9. Choose a password to encrypt the PFX and a path to export it to.  This PFX can be used as the "private key" in AccessData products.
  10. Back in the MMC, right-click the desired certificate again and go to All Tasks > Export.
  11. Proceed through the Certificate Export Wizard, selecting "No, do not export the private key".
  12. Select to export a "Base-64 encoded X.509" CER or P7B.
  13. Choose a path to export the certificate to.  This CER or P7B can be used as the "public key" in AccessData products.

 

Overview

AD Enterprise, the AccessData Agent, and Site Server all require a public and private key pair to function.  If you use IIS to generate or otherwise house your certificates, you may need to extract your private/public key pair to use with AccessData products.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

Powered by Zendesk