Where is the private key after using certreq for CSR generation on Windows 10?

https ssl node.js tls csr

I tried to follow the website below for instructions on how to generate the CSR for my web server:

http://www.entrust.net/knowledge-base/technote.cfm?tn=8649

However, it only generates the CSR. Where is the private key? I was told that the key is generated at the time of CSR generation.

I am using Windows 10. I plan to use node.js Express. Are there alternative tools we can use to generate CSR on Windows 10?


Solution 1:

It's stored in the Windows certificate store. When you import the signed certificate, you will find you have a corresponding private key. It matches them by modulus, if I recall.

You can get a list of the private keys you have as a result of certificate enrollment requests (such as you made with certreq) by running certmgr.msc for the computer account (or simply certlm.msc for Windows 2012R1 or Windows 8 onwards).

The keys are in the Certificate Enrollment Requests folder.

The easiest thing to do if you need to use the certificate without using the API is to import the certificate, export it, and use openssl to transform the resulting PKCS5 into a PEM certificate and key.

You can also use openssl to generate keys and certificate requests, and if you plan to use them in PEM format on the filesystem rather than using the Windows API, you might as well do that.

Related

How to get the true client IP for a service running inside docker
How to redirect HTTP to HTTPS on AWS Application Load Balancer?
SPF fail vs. soft-fail pros and cons
How can I edit local security policy from a batch file?
Ubuntu Connect To SSTP VPN
Far manager for linux? [closed]
Dedicated server or Cloud Hosting?
Ubuntu Linux: Process swap memory and memory usage
SSH equivalent of .profile/.bashrc
Tool to compute SHA256 Tree Hash [closed]
Linux networking port exhaustion
How did I get this Windows share to prompt for login?