search cancel

How To Export A Digital Certificate Private Key In Top Secret


Article ID: 53486


Updated On:


Top Secret


What is the method to export a certificate with a Private Key in Top Secret?



Component: Top Secret


In order to export the private key along with the certificate, certain parameters must be used on the EXPORT command.

The TSS EXPORT must be done with keywords PKCSPASS and FORMAT(PKCS12xxx).

The 'PKCS12xxx' must either be 'PKCS12DER' or PKCS12B64.

PKCS12B64 - Indicates DER encoded (then Base64 encoded) PKCS#12 package.
PKCS12DER - Indicates DER encoded PKCS#12 package.

PKCSPASS - Sets the password to secure the digital certificate withing the dataset.

Below is an example of an TSS EXPORT command that will export the private key:

TSS EXPORT(acid) DIGICERT(digicert_name) DCDSN(
     FORMAT(PKCS12DER) PKCSPASS('password')

The dataset is now password protected so if you are going to add the certificate to an acid you will need the PKCSPASS(password):
TSS  ADD(acid) DIGICERT(certificate) DCDSN( PKCSPASS(password)