When you get a new code signing certificate after renewal how do you create a new pfx using the previous years private key? Or maybe the question is how do I create a new private key/CSR from lasts years private key or CSR - I really don't know? How to use a renewed certificate seams like something that should be more obvious, and in the standard help pages for how to use the thing you've just purchased!
I searched for hours (as I have other years), then called support who said it was 'possible' just google pfx converter - not very helpful. Other years I have given up and just ReKeyed - but I would really like to know how to do this 'properly'
This is currently on Windows 7
Solved! Go to Solution.
Finally worked it out... so I'll post here to help any others frustrated with this...
 Use the article "Converting an Exported PFX Code Signing File to PVK and SPC Files using Windows" to get a PVK file.
 Use the Microsoft tool pvk2pfx to use this PVK file and your new SPC file to create the new PFX - with something like:
"C:\Program Files (x86)\Windows Kits\10\bin\x64\pvk2pfx" /pi oldpassword /pvk PvkFromOldPfx.pvk /spc newdownloadedspc.spc /pfx NewPxfName.pfx /po newpassword
Thanks for posting your solution.
I am currently requesting a "Renew certificate" and it provides some value in Code signing request (I guess it is the value from the previous year, when I requested certificate). Is it ok, to use that same value for renewal (I will use certicate on the same machine as previously) or do I have to recreate that Code signing request? Perhaps you can help... since you managed to get this completed
P.S. I just don't get why there is no proper documentation for this, seems to be, "regular" stuff... And leaving responsibility to solve issues to community itself.
Hi, yes I just did the renew certificate, hence why you then have to go through the above method to get a new PVK file from your old PFX.
I think, if I remember correctly, that other years I had given up and just 'rekeyed' the new certificate.
and good luck