If you use my guide, you don't need to create exportable private key. Many (even official) guides assume that certificate request is generated on domain computer or on the CA server. In that case to export you must mark private key as exportable. However my guide requires to generate certificate request on the *target* machine. Therefore you don't need to move private key anywhere and 'Exportable = True' is not necessary.
Your template for generating the certificate request is missing the Exportable = True setting. I spent hours trying to figure out what was going wrong. It came down to the request not stating that the public key would be exportable later on. Here is what you should have for a template file:
Please ignore previous post. I needed to setup execution policy.
Thanks a lot.
it looks like you have edited my script and break signature. Re-download the script and run the command:
this command will not execute the script, but attach contained functions to a PowerShell session (this operation is known as dot-sourcing). Therefore you should type dot, space and path to a file.
© 2008 - 2020 - Sysadmins LV. All rights reserved