PSPKI icon indicating copy to clipboard operation
PSPKI copied to clipboard

Published 20 hours ago verified publisher icon PKISolutions

Convert-PfxToPem returns "Invalid provider type specified" when converting PFX to PEM.

Open richardhicks opened this issue 3 years ago • 4 comments

When using Convert-PfxToPem in PSPKI v3.7.2 I am receiving an error stating "Invalid provider type specified". Below is the exact command syntax and output.

$Pwd = ConvertTo-SecureString -String 'foobar' -AsPlainText -Force Convert-PfxToPem -InputFile C:\foo.pfx -Password $pwd -OutputFile C:\foo.pem -OutputType Pkcs1 -Verbose

Invalid provider type specified At C:\Program Files\WindowsPowerShell\Modules\pspki\3.7.2\Client\Convert-PfxToPem.ps1:141 char:3

  •     throw New-Object ComponentModel.Win32Exception ([Runtime.Inte ...

  •     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    • CategoryInfo : OperationStopped: (:) [], Win32Exception
    • FullyQualifiedErrorId : Invalid provider type specified

richardhicks avatar Jun 22 '21 18:06 richardhicks

This is a known issue when private key is stored in KSP. There is an issue with the way how .NET imports the PFX and making it exportable — it is exportable, but only in encrypted form (PFX) and doesn't allow key export in raw PKCS1/PKCS8 format.

Crypt32 avatar Jun 25 '21 06:06 Crypt32

Got it. Thanks for the information, Vadims.

richardhicks avatar Jun 25 '21 14:06 richardhicks

Reopening this. There is a chance to get this working for certificates installed in store, rather than PFX.

Crypt32 avatar Jun 25 '21 15:06 Crypt32

Ok, thanks!

richardhicks avatar Jun 25 '21 15:06 richardhicks