What am I doing wrong ? code-signing, exportable certificate on win2k8 std
so, Hi & all, let's cut the chase <snipped> our domain is based on w2k8-standard. we do a lot of coding, and so we wanted to sign our own certificates. and so I issued myself a code-signing certificate. but in order for my packaging module (PrimalScript) to pack .vbs files in a signed executable, it requires a .pfx file with the private key exported. as you may know, one can easily edit the CA template for code-signing, such that the private key can be marked exportable. however, using custom certificates is limited to the w2k enterprise edition only. what I wound up doing (based on a web guide i can no longer locate, and on this guide ) is this: get makecert, place it on the DC which holds the CA role. use this syntax: makecert -r -pe -n "CN=My User,OU=my ou,DC=my,DC=Domain,DC=local" -b 01/01/2011 -e 01/01/2099 -eku 1.3.6.1.5.5.7.3.3 -ss My -ir LocalMachine -is MY so i now have a certificate generated by my own Root CA - perfectly signed and all, ...