BlueArgonaut
asked on
Can't export the EFS private Key with certificate
I can't export the EFS private Key with certificate.
If I try to export the EFS certificate can't save the private key. This option was not accessible. In Certificates View shows that it CONTAINS private key. This can be connected with problem described in another question Connected issue
I use Windows 7 64bits Ultimate. I didn't change password for any user on computer. The computer is on not on Active Directory it works in WORKGROUP. I haven't copy any file or folder between folders in C:\Users
Thanks a lot for your help. I appreciate it.
If I try to export the EFS certificate can't save the private key. This option was not accessible. In Certificates View shows that it CONTAINS private key. This can be connected with problem described in another question Connected issue
I use Windows 7 64bits Ultimate. I didn't change password for any user on computer. The computer is on not on Active Directory it works in WORKGROUP. I haven't copy any file or folder between folders in C:\Users
Thanks a lot for your help. I appreciate it.
ASKER
I have certificate and encrypted files already. There is another issue connected please see the link "Connected Issue"
Hopefully my post in your other question takes care of this too, but if not try this as a next step for that issue and this one:
Copy the serial number for the certificate from the details tab of the cert, then open a cmd box:
certutil -user -repairstore "paste serial number"
certutil -user -p PASSWORD -exportpfx "paste serial number" C:\temp\FILENAME.pfx
Copy the serial number for the certificate from the details tab of the cert, then open a cmd box:
certutil -user -repairstore "paste serial number"
certutil -user -p PASSWORD -exportpfx "paste serial number" C:\temp\FILENAME.pfx
ASKER
Hello Paranormastic,
thanks for suggestion. The syntax didn't work fine. So I tried several options. Please see results below.
I used certificate serial number as you refer NOT the certificate thumbnail.
-------------------------- ---------- ---------- ---------- ---------- ---------- ---------- --------
certutil -myloginname -repairstore "26 68 98 18 97 91 ea ea bc 94 c6 96 54 f3 8a 10"
returned:
CertUtil: Unknown arg: -myloginname
-------------------------- ---------- ---------- ---------- ---------- ---------- ---------- --------
certutil -repairstore myloginname "266898189791eaeabc94c6965 4f38a10"
returned:
myloginname
CertUtil: -repairstore command FAILED: 0x80070002 (WIN32: 2)
CertUtil: The system cannot find the file specified.
-------------------------- ---------- ---------- ---------- ---------- ---------- ---------- --------
certutil -repairstore "266898189791eaeabc94c6965 4f38a10"
returned:
Expected at least 2 args, received 1
CertUtil: Missing argument
-------------------------- ---------- ---------- ---------- ---------- ---------- ---------- --------
certutil -repairstore my "266898189791eaeabc94c6965 4f38a10"
my
CertUtil: -repairstore command FAILED: 0x80090011 (-2146893807)
CertUtil: Object was not found.
-------------------------- ---------- ---------- ---------- ---------- ---------- ---------- --------
certutil -repairstore my "26 68 98 18 97 91 ea ea bc 94 c6 96 54 f3 8a 10"
returned:
my
CertUtil: -repairstore command FAILED: 0x80090011 (-2146893807)
CertUtil: Object was not found.
-------------------------- ---------- ---------- ---------- ---------- ---------- ---------- --------
thanks for suggestion. The syntax didn't work fine. So I tried several options. Please see results below.
I used certificate serial number as you refer NOT the certificate thumbnail.
--------------------------
certutil -myloginname -repairstore "26 68 98 18 97 91 ea ea bc 94 c6 96 54 f3 8a 10"
returned:
CertUtil: Unknown arg: -myloginname
--------------------------
certutil -repairstore myloginname "266898189791eaeabc94c6965
returned:
myloginname
CertUtil: -repairstore command FAILED: 0x80070002 (WIN32: 2)
CertUtil: The system cannot find the file specified.
--------------------------
certutil -repairstore "266898189791eaeabc94c6965
returned:
Expected at least 2 args, received 1
CertUtil: Missing argument
--------------------------
certutil -repairstore my "266898189791eaeabc94c6965
my
CertUtil: -repairstore command FAILED: 0x80090011 (-2146893807)
CertUtil: Object was not found.
--------------------------
certutil -repairstore my "26 68 98 18 97 91 ea ea bc 94 c6 96 54 f3 8a 10"
returned:
my
CertUtil: -repairstore command FAILED: 0x80090011 (-2146893807)
CertUtil: Object was not found.
--------------------------
Don't use myloginname - keep it as -user.
Copy this exactly:
certutil -user -repairstore "26 68 98 18 97 91 ea ea bc 94 c6 96 54 f3 8a 10"
Copy this exactly:
certutil -user -repairstore "26 68 98 18 97 91 ea ea bc 94 c6 96 54 f3 8a 10"
ack.. like this one:
certutil -user -repairstore my "26 68 98 18 97 91 ea ea bc 94 c6 96 54 f3 8a 10"
certutil -user -repairstore my "26 68 98 18 97 91 ea ea bc 94 c6 96 54 f3 8a 10"
ASKER
C:\Windows\system32>certut il -user -repairstore my "ac 59 d3 c7 5a 33 16 ad 4c d
a b2 5a f0 ba a3 53"
my
================ Certificate 1 ================
Serial Number: ac59d3c75a3316ad4cdab25af0 baa353
Issuer: CN=jozef
NotBefore: 15/07/2010 14:26
NotAfter: 21/06/2110 14:26
Subject: CN=myloginname
Signature matches Public Key
Root Certificate: Subject matches Issuer
Template:
Cert Hash(sha1): c6 33 48 a9 d6 f8 2c dd aa cc 61 80 d6 6d 27 45 9d ed 47 b3
Key Container = 7815678a-bd8f-2356-9e2c-b4 dfe155ecf6
Provider = Microsoft Enhanced Cryptographic Provider v1.0
CertUtil: -repairstore command FAILED: 0x8009000b (-2146893813)
CertUtil: Key not valid for use in specified state.
I got dialog for instering Smart Card.
"A smart card was not detected in the smart card reader."
I don't use smart card. Then the obove mssage end up with error message.
a b2 5a f0 ba a3 53"
my
================ Certificate 1 ================
Serial Number: ac59d3c75a3316ad4cdab25af0
Issuer: CN=jozef
NotBefore: 15/07/2010 14:26
NotAfter: 21/06/2110 14:26
Subject: CN=myloginname
Signature matches Public Key
Root Certificate: Subject matches Issuer
Template:
Cert Hash(sha1): c6 33 48 a9 d6 f8 2c dd aa cc 61 80 d6 6d 27 45 9d ed 47 b3
Key Container = 7815678a-bd8f-2356-9e2c-b4
Provider = Microsoft Enhanced Cryptographic Provider v1.0
CertUtil: -repairstore command FAILED: 0x8009000b (-2146893813)
CertUtil: Key not valid for use in specified state.
I got dialog for instering Smart Card.
"A smart card was not detected in the smart card reader."
I don't use smart card. Then the obove mssage end up with error message.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You will need to encrypt a file for the user you want the certificate for firs, this will then create the certificate and should allow you to export it.
M@