I am trying to use WinCrypt APIs to extract private key for a certificate installed in Windows Certificate Store. The certificate is installed in LocalMachine - "My" store and by default the "Enable Strong Private Key protection" is greyed out (as expected). I am unable to export private key for the certificate from Local Machine store. When I try using powershell commands, I am able to export certificate with private key but I am seeing the confirmation dialog pop up that usually comes if "Enable Strong Private Key protection" is checked. But this does not seem right for a Local Machine store. Can someone shed light on the same? Is there a way to Enable Strong Private Key protection even for Local Machine store also?
Export Private key from Windows Certificate Store when "Enable Strong Private Key protection" is set
1.4k Views Asked by Amal Jesudas At
1
There are 1 best solutions below
Related Questions in SECURITY
- Can MVC.NET prevent SQL-injection at razor or controller level?
- Forgotten password reset page: should the user need to enter a username/email as well?
- Dynamic roles list in CustomAuthorize ASP MVC
- Access roles from multiple applications
- How to Fix TLS CBC Incorrect Padding Abuse Vulnerability on Windows 2003 Server
- Evernote Web Clipper and Content Security Policy
- Invalidate user credentials when password changes
- Spring Boot MVC non-role based security
- Correct Captcha behaviour on error
- Is macro more secure than static const if I don't want someone to know or change the hardcode value?
- In Android, ensuring only pre-decided users can only use the app
- Authenticating plain text passwords against md5 hash in DB using Apache Shiro
- Symfony2 - handle HTTP/Entity user access restrictions
- Client side computation without exposing code?
- searchable row level encryption using java?
Related Questions in CERTIFICATE
- Ruby on Windows XP: How to change directory of SSL certificates
- iOS CSR Certificate is not generating correctly
- Wrong vertificate signature algorithm in X509Certificate for SHA256withDSA using Java
- Migrate ClickOnce certificate from Sha1 to SHA256 and run on .NET 4.0 client machines
- How to create CSR with SANs using keytool
- Import cert in ApplicationPool identity Personal certificate store
- Application is not recognized by Game Center after iOS Certificate renewal
- Firefox automatically choose certificate, without ui dialog
- Do all ActiveMQ clients need a client certificate?
- Wildcard SSL - Which to chose and what is the key differences?
- Thread-6, RECV TLSv1 ALERT: fatal, handshake_failure
- How can i get Certificate issuer information in python?
- What certificates does 'curl' use by default?
- Android Client certificate 403
- C# : How can I retrieve the "personal" certificates installed on a remote computer
Related Questions in STORE
- Storing values in a for loop?
- Accessing a html file from a menu option does not work when I make a jar or store file
- Storing the last input text whilst using the POST method with PHP
- Compare users input
- Uploading Different Versions App to the Apple App Store
- Problems to retrieve Image from SQL Server in Silverlight
- ExtJS Grid Reconfigure breaks gridfilters plugin
- Cannot set Background Image of Grid Windows Store App through XAML
- using local storage saved value as a text in a root text
- How to add dynamic html or script to any page in Bigcommerce Store using app development API
- How to store entered values to variables and display them on screen after clicking submit button in Android Studio?
- Ember Data adaptor does not fetch records from Rails
- Extract specific information from file C++
- send the selected value from a dropdown menu to another page
- preserved value of a variable in C
Related Questions in PRIVATE-KEY
- What is the best place to store my private keys?
- How to verify a .Onion domain against a private key
- How to create a private certificate for connecting to a website
- How to obtain private RSA key(private) as byte array in pgp file?
- Convert key and certificate
- How to create valid public and private key for digital sign?
- Why KeyPair.getPrivate().getEncoded() is null?
- How can a HDInsight cluster using SSH public key be visible to multiple users?
- How is private key read out from a PKCS#11 module in openSSL?
- I am getting error while using SecKeyEncrypt with Secure Enclave
- ssh connection with privatekey on apple
- Public key and private key relationship
- .NET Core X509Certificate2.PrivateKey throws nte_bad_keyset error
- libssh trying to authenticate with public and private keys
- Extending expiration date of trustedCertEntry within a keystore
Related Questions in WINCRYPT
- Argument of type "unsigned long *" is incompatible with parameter of type "HCRYPTHASH *"
- NTE_BAD_DATA in CryptSetKeyParam while setting KP_P in wincrypt
- STATUS_INVALID_PARAMETER error import diffie hellman public key using BCryptImportKeyPair
- BCryptImportKeyPair returns STATUS_INVALID_PARAMETER when i try to import public key
- Why does Windows CryptVerifySignature Fail on Signature created by PHP?
- How to decrypt encrypted data stored in BSTR
- jarsigner default signature algorithm fails
- CryptVerifyDetachedMessageSignature() fails with SHA256withDSA and self-signed certificate
- Export Private key from Windows Certificate Store when "Enable Strong Private Key protection" is set
- PFXExportCertStoreEx to export private and public keys
- JWT Verification on WIN32
- C# Error Using ProtectedData.Unprotect() Function
- How to acquire a valid CNG private key handle from a certificate
- RSA SHA512 signature generated by Windows CNG(Cryptography Next generation ) NCryptSignHash not matching with signature generated by openssl RSA_sign
- How to add certificate in store?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Finally identified the issue to be related to permission of the Machine Key folder. Updated permission to "Full Control" to "Everyone" and now am able to get the private key without any issue. Refer: https://learn.microsoft.com/en-us/previous-versions/visualstudio/visual-studio-2008/bb909654(v=vs.90)?redirectedfrom=MSDN to know how to change Permissions.