How do I get the Public (.P7B) Certificate out of a Private Certificate.

Prior to this, you need to have added the Private Key (.PFX) to the server certificate with the use of the Certificate Import Wizard.

This article also applies to certificates that have been CA signed and are not self-signed. 


Open Certificates snap-in.

  1. Click Start and type MMC.
  2. Click File then Add\Remove Snap-in.
  3. In the Snap-ins window click on Certificate then Add.
  4. Say OK and you will have the Certificates Console in the display.

Click on the arrow next to Trusted Root Certification Authorities then on the Certificates folder beneath it.

In the certificates panel on the right, look for the certificate (*.PFX) you added.

Right click on the certificate, select All Tasks then Export.

Click next in the Certificate Export Wizard box.

On the next screen select “No, do not export the private key", then click next.

In the Export File Format page, click on Cryptographic Message Syntax Standard – PKCS #7 Certificates (.P7B).

Check the box below it to Include all certificates in the certificate path if possible then click Next.

On the File to Export panel, browse to the location you have your original private key, give the file an appropriate name and click next.

After that click on finish.  If the export was successful, you will see a message saying the export was successful.

Browse to the location you just export the .P7B file to-to verify it is present.