You have an enterprise root certification authority (CA) that runs Windows Server 2008 R2. You need to ensure that you can recover the private key of a certificate issued to a Web server.
What should you do?
A.
From the CA, run the Get-PfxCertificate cmdlet.
B.
From the Web server, run the Get-PfxCertificate cmdlet.
C.
From the CA, run the certutil.exe tool and specify the -exportpfx parameter.
D.
From the Web server, run the certutil.exe tool and specify the -exportpfx parameter.
I’m having a hard time validating any of these answers. The -exportpfx parameter is not a valid parameter of certutil. The Get-PfxCertificate cmdlet is a valid cmdlet, but it cannot be used to export a private key.
Can anyone help clarify?
According to this article the exportpfx parameter is valid, at least for 2008. http://technet.microsoft.com/en-us/library/ee449471(v=ws.10).aspx
Not sure if certutil is changed in r2 thoug.
Thanks, Dude. I’m not sure how Google failed me in my search for the exportpfx parameter. BAD, Google!