Saturday, February 19, 2011

Where does makecert store the private key if -sv is not specified?

Let's say I run this command:

makecert testcert.cer

Is a private key created? If so, where is it automatically stored in the system even though I did not tell makecert to install this certificate in any certificate store?

From stackoverflow
  • It looks like the private key is stored in the file itself. From the documentation at http://msdn.microsoft.com/en-us/library/bfsktky3(VS.80).aspx it states...

    Caution
    You should use a certificate store to securely store your certificates. The .snk files used by this tool store private keys in an unprotected manner. When you create or import a .snk file, you should be careful to secure it during use and remove it when you are done.

  • The private key is not created because HasPrivateKey of X509Certificate2 is set to false when I load the certificate in .NET.

  • The way you run the command does not create any private key. To generate a certificate with private key, you have to use the option -pe. But this is not sufficient. Private key will only be created if your certificate destination is a store. So you'll have to use the command like this:

    makecert -pe -ss My testcert.cer

    "my" corresponds to the "personal" store.
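
The HasPrivateKey check mentioned in the answers can be run against both the .cer file and the certificate stores. The following is an added example, not part of the original question or answers; the function name Get-PrivateKeyLocation and the second store path (Cert:\LocalMachine\My) are assumptions chosen for illustration.

```powershell
# Added example: report where a usable private key is associated with a certificate.
# Compares the .cer file on disk with store entries that have the same thumbprint.
function Get-PrivateKeyLocation {
    param(
        [Parameter(Mandatory = $true)]
        [string] $CerPath,   # e.g. .\testcert.cer from the question

        # Stores to search; "My" is the personal store. LocalMachine\My is an assumption.
        [string[]] $Stores = @('Cert:\CurrentUser\My', 'Cert:\LocalMachine\My')
    )

    $full = (Resolve-Path -LiteralPath $CerPath).Path
    $fileCert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $full

    # Result for the file loaded on its own, as in the .NET check described above.
    New-Object psobject -Property @{
        Source        = $full
        Thumbprint    = $fileCert.Thumbprint
        HasPrivateKey = $fileCert.HasPrivateKey
    }

    # Result for every store entry that is the same certificate (matched by thumbprint).
    foreach ($store in $Stores) {
        Get-ChildItem -Path $store -ErrorAction SilentlyContinue |
            Where-Object { $_.Thumbprint -eq $fileCert.Thumbprint } |
            ForEach-Object {
                New-Object psobject -Property @{
                    Source        = $store
                    Thumbprint    = $_.Thumbprint
                    HasPrivateKey = $_.HasPrivateKey
                }
            }
    }
}

# Run against the file from the question if it exists in the current directory.
if (Test-Path -LiteralPath .\testcert.cer) {
    Get-PrivateKeyLocation -CerPath .\testcert.cer |
        Format-Table Source, Thumbprint, HasPrivateKey -AutoSize
}
```

Running it once after `makecert testcert.cer` and once after `makecert -pe -ss My testcert.cer` shows, per source, whether a private key is associated with the certificate.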
