Windows 10: Manual Certificate Request, User can change settings and export Private Key

Discus and support Manual Certificate Request, User can change settings and export Private Key in AntiVirus, Firewalls and System Security to solve the problem; Hi, today I have recognized that when our users manually request a certificate they can also change the request settings and select the private key to... Discussion in 'AntiVirus, Firewalls and System Security' started by zoid1988, Mar 4, 2021.

  1. zoid1988 Win User

    Manual Certificate Request, User can change settings and export Private Key


    Hi,

    today I have recognized that when our users manually request a certificate they can also change the request settings and select the private key to be exportable. How can I prevent this ?

    Manual Certificate Request, User can change settings and export Private Key f64bd914-d2e9-4f28-850d-8c8171f19693?upload=true.png

    Manual Certificate Request, User can change settings and export Private Key 6a214ce6-e35e-474f-8bce-87b5e2dd1a42?upload=true.png

    The situation is the same with users that have local administrator rights. If they request a computer certificate, they can also change the settings and make the private key exportable.

    Thank you for your answers :-

    :)
     
    zoid1988, Mar 4, 2021
    #1

  2. how do I export certificates and/or private keys?

    Hi,

    Thank you for posting your query on Microsoft Community. Let me assist you.

    I suggest you to follow the below steps to export a certificate with a private key

    1. Open the Certificates console for the user, computer, or service you want to manage.

    2. In the console pane, select the certificate store and container holding the certificate that you want to export.

    3. In the details pane, click the certificate you want to export.

    4. On the Action menu, point to
    All Tasks, and then click Export.

    5. In the Certificate Export Wizard, click
    Yes, export the private key. (This option will appear only if the private key is marked as exportable and you have access to the private key.)

    6. Under Export File Format, do one or all of the following, and then click
    Next.

    • To include all certificates in the certification path, select the
      Include all certificates in the certification path if possible check box.
    • To enable strong protection, select the Enable strong protection (requires IE 5.0, NT 4.0 SP4 or above) check box.
    • To delete the private key if the export is successful, select the
      Delete the private key if the export is successful
      check box.
    7.In Password, type a password to encrypt the private key you are exporting. In
    Confirm password, type the same password again, and then click
    Next
    .

    8. In File name, type a file name and path for the PKCS #12 file that will store the exported certificate and private key, click
    Next, and then click Finish.

    Hope this information is helpful. Please do let us know if you need further assistance, we’ll be glad to assist you.
     
    Pawan Dhondiyal, Mar 4, 2021
    #2
  3. g_954 Win User
    How to export Private Key

    Hello,

    I have configured a Windows Server 2012R2 Certificate Services computer and created a template to issue certificates and checked the box to allow the private key to be exported.

    When I use the certificate manager on my Windows 10 tablet the option to select and export format that allows exporting the private key is not selectable. it is grayed out.

    What am I doing wrong?

    Thanks
     
    g_954, Mar 4, 2021
    #3
  4. Manual Certificate Request, User can change settings and export Private Key

    Cannot Export / Backup my EFS certificate private key

    Windows 10 Pro
    1909

    Hi Folks,

    I am trying to export my EFS certificate as a backup, however I am having no joy.

    Note: I can encrypt and decrypt files using EFS no problem using my account.

    Trying in Certificate Manger:

    certmgr.exe (As Administrator)
    Personal / Certificates
    Right click the EFS cert / Export

    The option to export the private key is greyed out, with a note:

    The associated private key is marked as not exportable. Only the certificate can be exported

    Using cipher.exe:

    cipher /x c:\temp\EFSCertBack

    Error: Key not valid for use in specified state.

    Before I decrypt all of my EFS files and start a fresh any ideas?

    Cheers
     
    SuperPlay-UK, Mar 4, 2021
    #4
Thema:

Manual Certificate Request, User can change settings and export Private Key

Loading...
  1. Manual Certificate Request, User can change settings and export Private Key - Similar Threads - Manual Certificate Request

  2. ADDING CERTIFICATES MANUALLY

    in Windows 10 Gaming
    ADDING CERTIFICATES MANUALLY: Hello I am trying to add the Kaspersky root certificate to the Mozilla Firefox or Thunderbird certificate storage. When I press export it asks me to specify the file name I want to export in the wizzard. What do I put as the file name. I have asked various websites and I have...
  3. ADDING CERTIFICATES MANUALLY

    in Windows 10 Software and Apps
    ADDING CERTIFICATES MANUALLY: Hello I am trying to add the Kaspersky root certificate to the Mozilla Firefox or Thunderbird certificate storage. When I press export it asks me to specify the file name I want to export in the wizzard. What do I put as the file name. I have asked various websites and I have...
  4. ADDING CERTIFICATES MANUALLY

    in Windows 10 Customization
    ADDING CERTIFICATES MANUALLY: Hello I am trying to add the Kaspersky root certificate to the Mozilla Firefox or Thunderbird certificate storage. When I press export it asks me to specify the file name I want to export in the wizzard. What do I put as the file name. I have asked various websites and I have...
  5. Lost Private key to EFS certificate file -

    in AntiVirus, Firewalls and System Security
    Lost Private key to EFS certificate file -: Hi,I cannot access my encrypted files because the encryption certificate changed. I can still see it in the certificate manager but I cannot export it in Pfx file to install it again only in CER format....
  6. Can I change Settings icon manually?

    in Windows 10 Customization
    Can I change Settings icon manually?: Can I change Settings icon manually? https://answers.microsoft.com/en-us/windows/forum/all/can-i-change-settings-icon-manually/a1e89232-b278-44c9-8d54-f42a04ab2521
  7. Certification request

    in AntiVirus, Firewalls and System Security
    Certification request: Good Afternoon all, I don't know if I am in the right community, but I do have a concern that needs to fixed. I am a college student switch from Business Administration to IT & System Information. I have Lab assignment which is to use Sectigo to create email signature and...
  8. File Encryption and Decryption Problem With Certificate Private Key

    in Windows 10 Installation and Upgrade
    File Encryption and Decryption Problem With Certificate Private Key: Hi, so recently i had to do a backup and reset for my laptop and it is just after the reset that i realised that some of my files were encrypted. I had by luck been able to backup the certificates but cannot get access to the files still. It says that the private key is...
  9. Cannot Export / Backup my EFS certificate private key

    in AntiVirus, Firewalls and System Security
    Cannot Export / Backup my EFS certificate private key: Windows 10 Pro 1909 Hi Folks, I am trying to export my EFS certificate as a backup, however I am having no joy. Note: I can encrypt and decrypt files using EFS no problem using my account. Trying in Certificate Manger: certmgr.exe As Administrator Personal /...
  10. the certificate or key is not available for export on this machine. error code 80092004

    in Windows 10 Network and Sharing
    the certificate or key is not available for export on this machine. error code 80092004: Hello, I am facing this issue after I changed my system. On my old system, I had one folder which was encrypted using Windows 10 BitLocker. Although before moving to new system I decrypted my files. Now when I attached my drive to this new system there is an Lock icon on my...