Ping a Specific Port

Question

tylerl

Asked: 2010-11-23 14:33:29 +0800 CST2010-11-23 14:33:29 +0800 CST 2010-11-23 14:33:29 +0800 CST

Recovering SSL key from a dead computer

772

When a server won't boot but you still have a functioning hard drive, you still should be able to extract the stored SSL certificates and keys, right? The information is all there after all.

The system certificates are stored in the registry here:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\My\Certificates

And the associated private keys are stored here:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\My\Keys\

But simply importing those keys into the live registry results in certificates with keys that don't work. How do I extract an SSL certificate off a dead drive?

1 Answers

Voted

sysadmin1138 · Answer 1 · 2010-11-23T17:39:12+08:00

Best Answer

sysadmin1138

2010-11-23T17:39:12+08:002010-11-23T17:39:12+08:00

It involves more than just the Registry. The locations are described in this MSDN Article: link. The blob you see in the registry under "keys" is a metadata blob, not the actual key. The actual key is stored encrypted in the file-system in the All Users profile.

All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys

The MSDN article lists where keys are stored for various key-owners.

5

Recovering SSL key from a dead computer

Ping a Specific Port

How do I tell Git for Windows where to find my private RSA key?

How do you restart php-fpm?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Resolve host name from IP address

How can I sort du -h output by size

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?