• GoDaddy Community
  • SSL And Security

    • SSL And Security

    cancel
    Turn on suggestions
    Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
    Showing results for 
    Show  only  | Search instead for 
    Did you mean: 
    Go to solution
    TimC3
    New
    ‎03-06-2018 03:49 AM

    Code Signing Renewal - using new cert with private/CSR from previous years?

    When you get a new code signing certificate after renewal how do you create a new pfx using the previous years private key? Or maybe the question is how do I create a new private key/CSR from lasts years private key or CSR - I really don't know? How to use a renewed certificate seams like something that should be more obvious, and in the standard help pages for how to use the thing you've just purchased!      

     

    I searched for hours (as I have other years), then called support who said it was 'possible' just google pfx converter - not very helpful. Other years I have given up and just ReKeyed - but I would really like to know how to do this 'properly'

     

    This is currently on Windows 7

    Reply
    3 REPLIES 3
    TimC3
    New
    ‎03-06-2018 05:39 AM
    Solution

    Re: Code Signing Renewal - using new cert with private/CSR from previous years?

    Finally worked it out... so I'll post here to help any others frustrated with this...

    [1] Use the article "Converting an Exported PFX Code Signing File to PVK and SPC Files using Windows" to get a PVK file.

    [2] Use the Microsoft tool pvk2pfx to use this PVK file and your new SPC file to create the new PFX - with something like:

    "C:\Program Files (x86)\Windows Kits\10\bin\x64\pvk2pfx" /pi oldpassword /pvk PvkFromOldPfx.pvk /spc newdownloadedspc.spc /pfx NewPxfName.pfx /po newpassword

     

     

    Reply
    prokurors
    New
    ‎05-11-2018 11:10 PM

    Re: Code Signing Renewal - using new cert with private/CSR from previous years?

    Hi!

     

    Thanks for posting your solution.

    I am currently requesting a "Renew certificate" and it provides some value in Code signing request (I guess it is the value from the previous year, when I requested certificate). Is it ok, to use that same value for renewal (I will use certicate on the same machine as previously) or do I have to recreate that Code signing request? Perhaps you can help... since you managed to get this completed

     

    P.S. I just don't get why there is no proper documentation for this, seems to be,  "regular" stuff... Smiley Sad And leaving responsibility to solve issues to community itself.

    Reply
    TimC3
    New
    ‎05-14-2018 02:18 AM

    Re: Code Signing Renewal - using new cert with private/CSR from previous years?

    Hi, yes I just did the renew certificate, hence why you then have to go through the above method to get a new PVK file from your old PFX.

     

    I think, if I remember correctly, that other years I had given up and just 'rekeyed' the new certificate.

     

    Regards

    and good luck

    Reply

    You may also like...