Exporting Your Digital Certificate to PFX Format
In order to sign your executables using a tool like SignTool.exe you will need to export a PFX file. It is also a good idea to export a PFX file in order to back up your code signing certificate.
Open Internet Options
Type internet options in the Start menu search box to quickly locate the Internet Options application.
Open Certificates Window
From the Content tab click on Certificates.
Export Certificate
Your Comodo certificate will be listed under the Personal tab. Select it and click the Export button.
The Export Wizard
The export wizard will open and you can step through the process.
Export the Private Key
Export as PFX (Personal Information Exchange)
Check Include all certificates... and Export all extended properties.
Assign a Password
Assign a password to protect the private key. This password will be required when you sign your applications using the PFX file you are generating.
Specify the Path
I export mine to the C:\ drive.
Finish
Hiren Patel
I've ePass2003 Token. How do I export the certificate in PFX format from the same ???
Hiren Patel
While I try to export the Certificate from IE-11 i'm not getting the Option "Yes Export the Private Kry" enabled in Internet Explorer-11
Trevor DeVore
@Hiren - I don't know. I haven't worked with ePass2003 tokens before.
MP
How did your Comodo certificate appear under personal? Is this a .cer that was created for you? Did you have to save the code signing certificate under a specific location? I have a Certificate.cer which I want to convert to a .pfx file.
Trevor DeVore
@MP - see the previous article in this manual which explains how to retrieve the certificate from Tucows: https://revolution.screenstepslive.com/s/revolution/m/10695/l/563367-retrieving-your-certificate
The .cer was installed during that process.
Ramji gupta
I've ePass2003 Token. How do I export the certificate in PFX format from the same ???
Trevor DeVore
@Ramji - Unfortunately I'm not familiar with that format so I can't offer any guidance.
basant
While I try to export the Certificate from IE-11 i'm not getting the Option "Yes Export the Private Kry" enabled in Internet Explorer-11
Jan Bludau
thank you :-)
Martin Koob
Hi Trevor. I am exporting a Code Signing Certificate in .PFX format using IE 11 and I get two options that don't show in your screenshots.
1. On the section above "Export as PFX..." under the option "Personal Information Exchange - PKCS #12 (>PFX) it has a 4th checkbox 'Enable certificate privacy'. It is checked by default. Should that be checked?
2. Under the 'Assign a password' section it shows just two fields for the password and the confirmation of the password. In the dialog I have it also has a dropdown menu for Encryption. That gives two choices: TripleDES-SHA1 and AES256-SHA256. It seems that I should pick AES256-SHA256 since I think both TripleDES and SHA1 are deprecated. What is the right choice here?
Thanks
Martin Koob
Trevor DeVore
@Martin -
1. Apparently leaving it checked will give you same behavior as pre Windows 10. At least that is what this article says: https://www.sevecek.com/EnglishPages/Lists/Posts/Post.aspx?ID=89
2. I would guess that you are right, based on the same reasoning. I don't know the potential implications are with each option though.