Backing Up and/or Moving Certificates in Windows
This procedure is useful for:
Backing up your certificates to data storage media, such as CDs or Flash drives, or to secure online storage, such as WebSpace.
Moving your certificate files to other computers and devices where you want to sign or encrypt data.
Exporting certificates from the Windows Certificate Store
Treat the files that you export as very sensitive data. You are exporting both your public and private keys. If someone else has access to your private keys, they can attach your electronic signature or encrypt files with your information.
From the Windows Start menu, select Control Panel.
Select Internet Options and click the Content tab.
Click the Certificates button.
Select the Personal tab.
Select the certificate you wish to export and click the Export button.
Note: If you have multiple certificates listed, you should select the one issued to your email address by Comodo.
In the Certificate Export Wizard window, click Next.
You will have the option to export your private key with the certificate (if available). Choose to export the private key (the 2nd bullet, below) if you are creating a backup or moving the files to another device where you want to sign/encrypt data.
If you chose not to export your private key, click Next and select the DER Encoded binary X.509 format. Click Next again.
If you choose to export you private key, click Next and select the Personal Information Exchange - PKCS #12 (.PFX) format. Choose the additional following options:
Select "Include all certificates in the certification path if possible"
Select "Enable strong protection"
Clear "Delete the private key if the export is successful" (this is not recommended)
When prompted, create and enter a strong password and click Next.
Be sure that you create a password that you will be able to remember at a later date or that you can store it in a separate location that is also secure. The password will be required to move the files to another computer or device or if you ever have to use the files to restore your certificates.
Enter the name of the file you are exporting.
Choose the location and filename destination where you want to export your certificate and click Next.
If you are creating a backup copy
There are several options for storing your backup copy of your certificates. You can:
Use portable media, such as a flash drive. Save the files to the drive and then store the flash drive in a secure location, such as a locked file cabinet or a safe.
Use a CD. Write the files to the CD and then store the CD in a secure location, such as a locked file cabinet or a safe
Save the certificate files to a folder in WebSpace, which is considered to be very secure. Make sure that you save them in a folder that is not readable by an other person or group.
Remember that you MUST have the password you created in step 8, above, in order to use the backups.
Please do not ask anyone else, such as desktop support staff, to store the backup copies of your certificates for you. It is a security risk to allow someone else to have access to the private keys that are included in the backup files.
If you are moving the files to another device or computer
There are several options for moving your certificate files from one machine to another. You can:
Use portable media, such as a flash drive. Save the files to the drive in the first computer and then move the flash drive to the other computer.
Use a CD. Write the files to the CD and then move the CD to the other computer.
Email the certificate files to yourself from the first computer, and then open the email on the other computer. You can save the files the way you would any other attachment.
Save the certificate files to a folder in WebSpace, which is considered to be very secure. Make sure that you save them in a folder that is not readable by an other person or group. You can log into WebSpace on each computer where you want to install the certificates.
On each computer where you move the certificates, you must save the files to the operating system certificate store and then configure the programs where you want to use the certificates.
Last updated December 10, 2012 @ 2:55 pm