Exporting “Non-Exportable” Private Keys from Vista

Going through the Thawte sign-up process to get a code signing certificate, I noticed that the certificate signing request (CSR) generated by Vista has the “Yes, export the private key” option grayed out.  I’m surmising that Vista marks all keys (at least those for code signing certificates) as not exportable.

This is obviously bad when you have more than a single developer who must sign code.  After beginning the process I found an article at Thawte which says ‘don’t do this on Vista!’, but I also found the Jailbreak util from iSec.  This was able to export the private key with the CSR into a PFX file.  As a test I also re-imported it from the export file and that worked fine.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.