In some cases, you may want to export a certificate with its private key to store on removable media or to use on a different computer. There are some restrictions to this procedure:

Users or local Administrators is the minimum group membership required to complete this procedure. Review the details in "Additional considerations" in this topic.

To export a certificate with the private key
  1. Open the Certificates snap-in for a user, computer, or service.

  2. In the console tree under the logical store that contains the certificate to export, click Certificates.

  3. In the details pane, click the certificate that you want to export.

  4. On the Action menu, point to All Tasks, and then click Export.

  5. In the Certificate Export Wizard, click Yes, export the private key. (This option will appear only if the private key is marked as exportable and you have access to the private key.)

  6. Under Export File Format, do any of the following, and then click Next.

    • To include all certificates in the certification path, select the Include all certificates in the certification path if possible check box.

    • To delete the private key if the export is successful, select the Delete the private key if the export is successful check box.

    • To export the certificate's extended properties, select the Export all extended properties check box.

  7. In Password, type a password to encrypt the private key you are exporting. In Confirm password, type the same password again, and then click Next.

  8. In File name, type a file name and path for the PKCS #12 file that will store the exported certificate and private key. Click Next, and then click Finish.

After the Certificate Export Wizard is finished, the certificate will remain in the certificate store in addition to being in the newly created file. If you want to remove the certificate from the certificate store, you will need to delete it.

Additional considerations