How to separate public from private key in a self-signed server certificate in IIS7

0
votes

We followed the instructions here:

http://technet.microsoft.com/en-us/library/cc753127(v=ws.10).aspx

to create a self-signed server certificate. We need to share the public key portion of the key with a business partner. On the development PC, running 64-bit Windows 7 Professional, when we follow the steps for exporting the certificate here:

http://technet.microsoft.com/en-us/library/cc731386(v=ws.10).aspx

there seems to be no option to separate public from private.

After creating a self-signed server certificate in IIS7, how to split it into public and private keys, so that the business partner can be sent an advance copy of our public key, and we can programmatically sign SAML2 assertions with the private key?

1
iis-7.5saml-2.0

1 Answers

3
votes

Since you already exported the certificate, you can use OpenSSL to extract the public key and the private key.

openssl.exe pkcs12 -in yourP12File.pfx -clcerts -nokeys -out publicCert.pem
openssl.exe pkcs12 -in yourP12File.pfx -nocerts -out privateKey.pem

or some other way here: Extract public/private key from PKCS12 file for later use in SSH-PK-Authentification