Mar 302023
In a previous article (here), we have seen how to export a certificate and its non exportable key using a rather complex method (decrypting DPAPI).
Here below how to do it the easy way (by hooking a rsaenh.dll api) :
cert –export –store=root –subject= »Root Authority » –force
-> you get a cert.pfx containing both the certificate and the private key.
Import and enjoy !
Could not make it work, simply not possible to export cert with non-exportable marked key from Computer / Personal store
what error message do you get?
you can always tried the more complex method in previous article.
but it is definitely possible to export a non exportable windows cert.