Export-PfxCertificate : Cannot export non-exportable private key

Solution 1

The problem isn't with the powershell code. The problem is with the certificate.

When a certificate is first imported or created, the private key must be marked as exportable in order for you to be able to export the private key.

The error message you have received indicates that the private key is not exportable on the certificate you are trying to use.

Example Issue

Solution 2

Maybe too late, but have you tried to run PowerShell script as administrator? (If you can export private key from mmc console, Export-PfxCertificate will export it also.)

Solution 3

I know this is an older question, but I wanted to post my solution as I was having this same problem. I too was getting the dreaded Export-PfxCertificate : Cannot export non-exportable private key error while trying to export my PFX file. The problem started after loading my code-signing certificate on my Windows machine. When I went to export it, the export to PFX option was grayed out without further explanation. I then followed many of the instructions listed here, including Powershell Export-PfxCertificate. None of these worked. I finally went back to my Certificate provider GoDaddy and they informed me that in my Original Certificate Signing Request (CSR) I did not check the box Make Private Key Exportable. GoDaddy graciously, and without cost, allowed me to submit a new CSR (with that option checked,) to 'Rekey' my existing certificate. Within a couple of hours, my new certificate was issued. I installed it on my machine and was able to export directly from Windows MMC (no need to PowerShell.) I've included this screenshot of the box that must be checked when creating your CSR (may look different on different platforms.)

dir cert:\currentuser\my | 
Where-Object { $_.hasPrivateKey } | 
Foreach-Object { [system.IO.file]::WriteAllBytes(
"$home\$($_.thumbprint).pfx", 
($_.Export('PFX', 'secret')) ) }

Author by

Kode

Enterprise Architect and Web Front End Developer || LinkedIn || My Blog Specialties: Enterprise Content Management (ECM), Electronic Records Management (ERM), Web Content Management (WCM), Enterprise Architecture, Web Front End (WFE) Development, taxonomies, classification schemes, governance, business operations, systems engineering/administration, SharePoint, virtualization, project management, relational databases, international trade law and negotiation, crisis management, conflict resolution, lobbying, contract negotiation, vendor management. Application Programming/Scripting Languages/Web Services/APIs: HTML5/HTML, CSS3/CSS, JavaScript, jQuery, jQuery UI, AngularJS, Backbone.js, RequireJS, Bootstrap, JSON, REST, AJAX, CAML C#, ASP.NET Web Pages, ASP.NET Web Forms, ASP.NET MVC, Entity Framework, LINQ, XML PowerShell, SQL, ColdFusion SharePoint Client Object Model (CSOM), JavaScript Object Model (JSOM)

Updated on August 28, 2021