I am trying to export a cert with powershell to pkcs12. I can export it fine in MMC. But powershell barfs
PS C:\Users\paul> $cert.export('PFX'," pass")
Exception calling "Export" with "2" argument(s): "Key not valid for use in specified state.
"
At line:1 char:13
+ $cert.export <<<< ('PFX'," pass")
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : DotNetMethodException
The private key is exportable
PS C:\Users\paul> $cert.privatekey.cspkeycontainerinfo
MachineKeyStore : True
ProviderName : Microsoft RSA SChannel Cryptographic Provider
ProviderType : 12
KeyContainerName : fd6ce48f23c5a94dee97bf7e87ef3da2_2868494a-a319-4976-80a7-e0f129e23cfd
UniqueKeyContainerName : fd6ce48f23c5a94dee97bf7e87ef3da2_2868494a-a319-4976-80a7-e0f129e23cfd
KeyNumber : Exchange
Exportable : True
HardwareDevice : False
Removable : False
Accessible : True
Protected : False
CryptoKeySecurity : System.Security.AccessControl.CryptoKeySecurity
RandomlyGenerated : False
running as local admin
This seems like a long shot, but have you tried using the Pfx enumeration instead of the string?
$pfx = [System.Security.Cryptography.X509Certificates.X509ContentType]::Pfx
$cert.Export($pfx,"pass")
The reason I ask, is that if you look at the value underlying the enumeration, Pfx actually has a value of 3.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.