Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
For whatever reason, certificate private keys keep getting lost. This is annoying specially to grumpy devs.
The symptoms are clear: when you open certml.msc (machine) or certmgr.msc (user):
Fortunately the answer is in certutil.exe. Here are the steps:
- Localize the certificate in Powershell in admin mode. Do "cd cert:" and then recursively traverse your certificates using let's say, your thumbprint:
$found = ls -r | where { $_.Thumbprint -like 'TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT'} - Get the serial number of the certificate:
$found[0].SerialNumber - Grab the serial number and feed it to certutil with the following args:
certutil –repairstore my SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS
On success you should see some of your certificate info finishing with: "CertUtil: -repairstore command completed successfully."
Then, to keep your certificate and key safe, use the Certificates module in the Microsoft Management Console or Export-PfxCertificate Powershell cmdlet to export the certificate with its private key into a .pfx file.
Done! refer to the certutil documentation for more info.
Happy coding!