New-SelfSignedCertificate 不生成可导出密钥
New-SelfSignedCertificate does not generate an exportable key
我正在尝试使用 New-SelfSignedCertificate cmdlet 生成可导出密钥,但我做不到。
这是我的代码:
$certFilePath = "C:\certs"
$certStoreLocation = "Cert:\LocalMachine\My"
$pwd = "p@ssw0rd"
$cert = New-SelfSignedCertificate `
-KeyFriendlyName "Development Cert" `
-KeyDescription "Development Cert" `
-KeyAlgorithm "RSA" `
-DnsName @("*.dev.local", "localhost") `
-NotBefore (Get-Date).AddYears(-1) `
-NotAfter (Get-Date).AddYears(50) `
-KeyUsage CertSign, CRLSign, DataEncipherment, DigitalSignature, NonRepudiation `
-KeyUsageProperty All `
-KeyLength 2048 `
-KeyLocation $certFilePath `
-CertStoreLocation $certStoreLocation `
-KeyExportPolicy Exportable `
-KeyProtection None `
-Type Custom
$certThumb = $cert.Thumbprint
$certPath = "$certStoreLocation$certThumb"
$cert | Export-PfxCertificate -FilePath "$certFilePath$certThumb.pfx" -Password (ConvertTo-SecureString -String $pwd -AsPlainText -Force)
Export-PfxCertificate : Cannot export non-exportable private key.
At line:24 char:9
+ $cert | Export-PfxCertificate -FilePath "$certFilePath$certThumb.pfx ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Export-PfxCertificate], Win32Exception
+ FullyQualifiedErrorId : System.ComponentModel.Win32Exception,Microsoft.CertificateServices.Commands.ExportPfxCertificate
请注意,我专门告诉它生成一个可导出的密钥,但它没有。
有什么想法吗?
删除以下内容的部分:
-KeyLocation $certFilePath `
...解决问题。
我正在尝试使用 New-SelfSignedCertificate cmdlet 生成可导出密钥,但我做不到。
这是我的代码:
$certFilePath = "C:\certs"
$certStoreLocation = "Cert:\LocalMachine\My"
$pwd = "p@ssw0rd"
$cert = New-SelfSignedCertificate `
-KeyFriendlyName "Development Cert" `
-KeyDescription "Development Cert" `
-KeyAlgorithm "RSA" `
-DnsName @("*.dev.local", "localhost") `
-NotBefore (Get-Date).AddYears(-1) `
-NotAfter (Get-Date).AddYears(50) `
-KeyUsage CertSign, CRLSign, DataEncipherment, DigitalSignature, NonRepudiation `
-KeyUsageProperty All `
-KeyLength 2048 `
-KeyLocation $certFilePath `
-CertStoreLocation $certStoreLocation `
-KeyExportPolicy Exportable `
-KeyProtection None `
-Type Custom
$certThumb = $cert.Thumbprint
$certPath = "$certStoreLocation$certThumb"
$cert | Export-PfxCertificate -FilePath "$certFilePath$certThumb.pfx" -Password (ConvertTo-SecureString -String $pwd -AsPlainText -Force)
Export-PfxCertificate : Cannot export non-exportable private key.
At line:24 char:9
+ $cert | Export-PfxCertificate -FilePath "$certFilePath$certThumb.pfx ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Export-PfxCertificate], Win32Exception
+ FullyQualifiedErrorId : System.ComponentModel.Win32Exception,Microsoft.CertificateServices.Commands.ExportPfxCertificate
请注意,我专门告诉它生成一个可导出的密钥,但它没有。
有什么想法吗?
删除以下内容的部分:
-KeyLocation $certFilePath `
...解决问题。