- Remove From My Forums
Answered by:
Question
-
hi all
when we install iis ( 7.5 ) , the server generates a self-signed certificate . is there any method the private key of the server ? in general is there any method to see the private key ( or private key which the CA server issues to a server ? )
thanks in advance
- Moved by Tiger LiMicrosoft employee Monday, January 9, 2012 10:02 AM (From:Network Infrastructure Servers)
Saturday, January 7, 2012 7:45 PM
Answers
-
yup...Even the Private key will be in CSR file format.
u can find the private key under the below location:
- Locate the "%SystemDrive%\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys" folder.
- here are several files located in this folder. Each file in this folder corresponds to a key container. Try to open each with Notepad.
Alternatively u can use this tool FindPrivateKey to retrieve a private key from a certificate store.
Hope the Above Information is Useful.
Gopi Kiran
- Edited by Gopi Kiran Saturday, January 7, 2012 9:31 PM
- Marked as answer by Tiger LiMicrosoft employee Monday, January 9, 2012 1:07 AM
Saturday, January 7, 2012 8:54 PM
All replies
-
The disadvantage is that you cannot export the requested certificate including the private keys. During the request the option toMark keys as exportable is grayed out.when requesting server certificate using a Windows CA server.
Work around for this issue is, You need to create a new Web Server Certificate template.
- open the Certificate Template snap-in
- click the Web Server certificate template
- choose Action – Duplicate Template->Choose Anyone 2008/2003 (depends on the domain Environment)
- configure a unique template name
- choose the tab Request Handling
- enable the option Allow private key to be exported
You can now request a new certificate with the newly create certificate template. After the certificate is issued and installed on the user or local computer store, you can export the certificate including the private key.
Hope This Helps...Gopi Kiran
- Edited by Gopi Kiran Saturday, January 7, 2012 8:38 PM
Saturday, January 7, 2012 8:02 PM
-
The disadvantage is that you cannot export the requested certificate including the private keys. During the request the option toMark keys as exportable is grayed out.when requesting server certificate using a Windows CA server.
Work around for this issue is, You need to create a new Web Server Certificate template.
- open the Certificate Template snap-in
- click the Web Server certificate template
- choose Action – Duplicate Template
- configure a unique template name
- choose the tab Request Handling
- enable the option Allow private key to be exported
You can now request a new certificate with the newly create certificate template. After the certificate is issued and installed on the user or local computer store, you can export the certificate including the private key.
Gopi Kiran
Hope This Helps...thank you dear Gopi kiran , but then after i exported certificate including private key , how can i see what is that private key ? can i see that string like public key ?
- Edited by john.s2011 Sunday, January 8, 2012 5:21 AM
Saturday, January 7, 2012 8:38 PM
-
yup...Even the Private key will be in CSR file format.
u can find the private key under the below location:
- Locate the "%SystemDrive%\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys" folder.
- here are several files located in this folder. Each file in this folder corresponds to a key container. Try to open each with Notepad.
Alternatively u can use this tool FindPrivateKey to retrieve a private key from a certificate store.
Hope the Above Information is Useful.
Gopi Kiran
- Edited by Gopi Kiran Saturday, January 7, 2012 9:31 PM
- Marked as answer by Tiger LiMicrosoft employee Monday, January 9, 2012 1:07 AM
Saturday, January 7, 2012 8:54 PM
-
yup...Even the Private key will be in CSR file format.
u can find the private key under the below location:
- Locate the "%SystemDrive%\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys" folder.
- here are several files located in this folder. Each file in this folder corresponds to a key container. Try to open each with Notepad.
Alternatively u can use this tool FindPrivateKey to retrieve a private key from a certificate store.
Hope the Above Information is Useful.
Gopi Kiranexcellent answer . thank you veryyyyyyyyyyy much Dear Gopi, you are very good . exponentially thankfull for your helps and guidance ;-)
regards
Sunday, January 8, 2012 5:23 AM