Author Posts

July 7, 2014 at 8:48 am

Given the recent and on-going issues with OpenSSL I am looking for another way to extract the private key from a certificate PFX file. Is there a way to do this via powershell?

July 7, 2014 at 9:12 am

I don't know of a way to do this with Microsoft's built-in crypto APIs, but it looks like you can use some of BouncyCastle's API to accomplish that. See http://social.msdn.microsoft.com/forums/vstudio/en-US/80ccc76f-bf98-4cda-9583-f651013b24a5/extract-private-key-as-string-from-pfx-file for an example of this in C#. (DotNetUtilities.GetRsaKeyPair() and the AsymmetricCipherKeyPair / PemWriter classes are from BouncyCastle, and the rest of the code is stuff from the .NET Framework.)