How does a Certificate get associated to the private key pair?



  • I am new to SSL certs and trying to understanding once the certificate is imported into the Certificate Store (in Windows), how do we associate the private key pair to the certificate? Is that by creating a pfx that would contain the certificate and private key and import that pfx into Certificate Store? We intent to use the TPM to store the private key (but not using it to generate the keypair). Is there a way to specify where the private key is to be stored (ie into the TPM)?



  • Is there a way to specify where the private key is to be stored (ie into the TPM)?

    Not from GUI. You have to use command-line tool certutil:

    certutil -csp "Microsoft Platform Crypto Provider" -importpfx path\ssl.pfx
    


Suggested Topics

  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2