Microsoft 2003 CA - mark key as exportable greyed out

Discussion in 'Security Software' started by jokerjoed, Jan 8, 2004.

  1. jokerjoed

    jokerjoed Guest

    I've been using a Windows 2000 certificate authority for
    some time. I now upgraded to Windows 2003, but when
    requesting a "Web Server" certificate, the "Mark keys as
    exportable" option is greyed out. Without this option,
    it prevents me from exporting the new certificate to
    a .pfx format.

    Is there a way to get around this?

    Help...
     
    jokerjoed, Jan 8, 2004
    #1
    1. Advertisements

  2. jokerjoed

    Brian Komar Guest

    You could create a version 2 certificate template that is based on the
    Web Server certificate template. Then you can configure that the
    certificate is exportable.

    There is a catch though. The Web Server certificate request wizard is
    hard coded to request Web Server certificates and cannot presently be
    changed. You would have to move to alternative methods of requesting
    and installing the certificate if you move to a custom V2 certificate.

    For more information on customizing version 2 certificate templates, see
    the following white paper:

    http://www.microsoft.com/technet/prodtechnol/windowsserver2003/deploy/co
    nfeat/ws03crtm.asp


    Brian
     
    Brian Komar, Jan 8, 2004
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.