Export snk from non-exportable key container
I have created a snk file using sn -k KeyFile.snk
Now the problem is that i lost my Keyfile.snk
and i want to install the key pair on a production server. I can't generate a new keypair since i have already issued licenses using the old keypair and the application is already installed on several customer's PCs.
I tried exporting it from my test machine's key container but it is set as non-exportable.
I used mimikatz to force an export. It worked, but it returned a .pvk file. And now i'm stuck.Any idea 开发者_运维百科to how i should proceed?
Thank you.I'm the author of mimikatz, don't you know that you can convert PVK with OpenSSL ?
http://blog.gentilkiwi.com/cryptographie/openssl-conversion-pvk-microsoft-privatekey-blob
You can also make a pfx/p12 with the public certificate (sn -p) and the converted PEM key :)
The .pvk format was often used for storing Authenticode(tm) private keys. It's a simple format and the Mono project has tools to read it. Mono also has tools to read and write .snk files.
However I don't recall any tool doing the conversion so you'll likely need to write a small piece of code to read the PVK and write it as an SNK (with an RSA instance in-between).
Everything you need exists inside the Mono.Security assembly that Mono provides (or that you can compile on your own).
Disclaimer: I'm the main author of the Mono code discussed above and it is all available under the MIT.X11 license
精彩评论