Question:

How do I get the Public (.P7B) Certificate out of a Private Certificate.

Prior to this, you need to have added the Private Key (.PFX) to the server certificate with the use of the Certificate Import Wizard.

This article also applies to certificates that have been CA signed and are not self-signed. 

Solution:

Open Certificates snap-in.

  1. Click Start and type MMC.
  2. Click File then Add\Remove Snap-in.
  3. In the Snap-ins window click on Certificate then Add.
  4. Say OK and you will have the Certificates Console in the display.

Click on the arrow next to Trusted Root Certification Authorities then on the Certificates folder beneath it.

https://s3.amazonaws.com/cdn.freshdesk.com/data/helpdesk/attachments/production/69009875798/original/mceclip1.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAS6FNSMY2XLZULJPI%2F20210926%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210926T164051Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=964354014c332fa0727bba59a99eb6099bec57d21c963c415de9c4cefdd7bd6e

In the certificates panel on the right, look for the certificate (*.PFX) you added.

https://s3.amazonaws.com/cdn.freshdesk.com/data/helpdesk/attachments/production/69009875799/original/mceclip2.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAS6FNSMY2XLZULJPI%2F20210926%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210926T164051Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=2786fc237c933afefd4ccaba89f8de0450c8a0cbcae28d71191d634d36d339e9

Right click on the certificate, select All Tasks then Export.

https://s3.amazonaws.com/cdn.freshdesk.com/data/helpdesk/attachments/production/69009875800/original/mceclip3.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAS6FNSMY2XLZULJPI%2F20210926%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210926T164051Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=bc04b494b500e5f91edd1e47f97a5fd27c8a9491d69dc5772345e3e5094ae326

Click next in the Certificate Export Wizard box.

On the next screen select “No, do not export the private key", then click next.

https://s3.amazonaws.com/cdn.freshdesk.com/data/helpdesk/attachments/production/69009875801/original/mceclip4.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAS6FNSMY2XLZULJPI%2F20210926%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210926T164051Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=dca743ce36c5678fa42e1f24a3caa3d33c89a98012f584c8445541392c0d12e1

In the Export File Format page, click on Cryptographic Message Syntax Standard – PKCS #7 Certificates (.P7B).

Check the box below it to Include all certificates in the certificate path if possible then click Next.

https://s3.amazonaws.com/cdn.freshdesk.com/data/helpdesk/attachments/production/69009875802/original/mceclip5.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAS6FNSMY2XLZULJPI%2F20210926%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210926T164051Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=4f348dd168a365e5fd9f92d5dc0ac25bb92b2b55477c87fd9fd3c90ef6fdcd42

On the File to Export panel, browse to the location you have your original private key, give the file an appropriate name and click next.

https://s3.amazonaws.com/cdn.freshdesk.com/data/helpdesk/attachments/production/69009875803/original/mceclip6.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAS6FNSMY2XLZULJPI%2F20210926%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210926T164051Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=d3b093949e82ef88692e19728bf549e6811114c14620d19261ddd231ebd26a17

After that click on finish.  If the export was successful, you will see a message saying the export was successful.

Browse to the location you just export the .P7B file to-to verify it is present.