Hi all, I've generate a request with the new-certificaterequest command and issued the certificate by the internal CA but I've no the possibility to export the private key. I cannot see on the CA webpage the "Mark keys as exportable" so after I've created the .cer file it doesn't ask me to save the private key. What's wrong?

Hi, "Mark keys as exportable" is someting you can do when you import the certificate - not when you create the certificate Leif

When I choose from Certificate console to Import the .cer file I've gernerated with the CA I cannot see the option to import the private key

Hi, If it is an Exchange certificate you should use import-exchangecertificate: http://technet.microsoft.com/en-us/library/bb124424.aspx See the parameter PrivateKeyExportable Leif

Or try to export the certificate you impported through the MMC - here you should also get the possibility to export the private key Leif

I see the associated key only to the pfx file in the "Certificate enrollment request" I don't understand why I can't see the export private key in the .cer file

Hi, Because the pfx file is password protected - the cer file is not. And the cerfile is actually just a txt file containing your certificate Leif

Ok wihich file I've to import on the CAS server? The pfx or the cer? Cause I don't see any SAN names and not the correct CA in my pfx certificate

Hi Fepi, When you use the import-exchangecertificate commandline to import the certificate, the file is a .pfx file. You could refer to below information: http://technet.microsoft.com/en-us/library/dd351183.aspx Some related information: http://technet.microsoft.com/en-us/library/gg502577.aspx Regards! GavinPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.