I have a scenario where I'm using an Enrollment agent cert and certreq to automate certificate requests on behalf of a bunch of users. What I'd like to end up with is a .pfx file (with password) that I can make available to the user. That said, I've managed to automate everything up to creating the .cer file. But it seems that in order to create the .pfx, I need to first install the .cer file, then export it with the private key. I'd like to try to avoid the install then export step because I need to do this process for a large number of certs. Is this scenario do-able--is there a way to just export the private key in an automated fashion, then generate the pfx? I realize there are security challenges around this but I'm not finding a good way to get from .cer to .pfx without user intervention.
Thanks,
Darren
Darren Mar-Elia MS-MVP, Group Policy
www.gpoguy.com
www.sdmsoftware.com - "The Group Policy Experts"