Today, I needed a PFX (public key file) to sign a ClickOnce deployment. I spent a fair amount of time trying to figure this out, so I figured I’d share it!
There were plenty of suggested solutions out there, but the best one was from MSDN blogger Maxime Lamure.
In short, do the following, replacing MyCert with the certificate file name (without extension), MyName with the name you want on the certificate (your name, or a company name), and password with the PFX file password.
- Open a Visual Studio Command Prompt. If using Windows Vista or Windows 7, be sure to run as Administrator.
- Create your certificate (.cer) file by typing:
makecert -sv MyCert.pvk -n "CN=MyName" MyCert.cer
- Create your public key (.pfx) file by typing:
pvk2pfx -pvk MyCert.pvk -spc MyCert.cer -pfx MyCert.pfx -po password
At the end, you’ll have your very own certificate file and public key!
H Bhatt says:
R/sir,
I could not be alble to create digital signature certificate in pfx file…kindly guide…
Vasile says:
Hi,
I know it’s an old post, but for the sake of correctness note that password is the resulting pfx file’s password, not the public key password. The public key is already public as its name implies. The pfx file embeds the private key (required for the signing process), that’s why it’s protected by a password.
Regards,
Vasile
brian says:
Thanks, I just updated the wording!
pihu says:
Kindly tell us the detailed view – IS CN = Computer Name??
Where these files are located? please help
brian says:
CN in this context is “Canonical Name” — usually the company name. See http://msdn.microsoft.com/en-us/library/bfsktky3(v=vs.110).aspx for more details.
Example:
makecert -sv MyCert.pvk -n “CN=ACME, Inc.” MyCert.cer
sukhvinder says:
please sir, guide me how to create digital signature
Almas says:
I have .cer file generated by CA from my certificate request.
I do not have .pvk file.
But I need .pfx file.
How can i convert my .cer to .pfx?