Create bitlocker dra certificate with private key on removable drive
I am trying to create a self-signed DRA certificate to use with bitlocker to go, following the procedure at
http://technet.microsoft.com/en-us/library/dd875530(WS.10).aspx
I don't want to store the private key on the local personal certificates store as it happens following the above address.
I wish to be able, through certreq or some other tool, to create a self-signed certificate (with the specific OID related to bitlocker dra certificate) directly generating two files, one with extension ".cer" and one with extension ".pfx", exactly like
i do through cipher /r:recovery when i create a dra certificate for efs.
Is there a way to achieve that?
Thanks a lot
Michele
Ps: I know i can export the private key from the local personal store and delete the private key if the export is successful, but i think that that "delete the private key" is not the same as "wipe private key from disk"Michele
December 29th, 2010 6:47am