Extracting certificates and private keys

Using the Policy Tree, Trust Protection Platform can extract certificates and private keys from applications associated with a certificate.

The Application object associated with the certificate must be correctly configured so that Trust Protection Platform can authenticate with the target application and find the certificate and private key file(s) in the application’s local file system.

When you extract the certificate and private key, Trust Protection Platform encrypts the data, then archives the data in the Trust Protection Platform database so it can be distributed or downloaded on demand.

NOTE  This option is available only in the Policy Tree.

To extract a certificate and private key from an application associated with a certificate:

  1. From the Platform menu bar, click Policy Tree.
  2. Confirm that you have the permissions required to extract a certificate and private key from an application: Private Key Write and Write permissions to the Certificate object, and both Read and Private Key Read permissions to the Application object.
  3. Select the Policy Tree from the Tree drop-down menu.
  4. In the Policy Tree, select the Certificate object for which you want to extract the certificate and private key.
  5. Click the Certificate > Associations tab.

  6. Select the application from which you want to extract the certificate and private key.
  7. Click Extract.

    IMPORTANT  The Application object associated with the certificate must be correctly configured for Trust Protection Platform to authenticate with the target application and find the certificate and private key file(s) in the application’s local file system.

  8. If Trust Protection Platform has archived a certificate for the current Certificate object, Trust Protection Platform compares the extracted certificate and private key with the archived certificate. If there is a mismatch, Trust Protection Platform asks if you want to overwrite the current certificate and private key.

  9. (Conditional) If prompted to overwrite the existing certificate and private key, verify the overwrite, and then click OK.

When finished, Trust Protection Platform notifies you that the certificate and private key were successfully extracted from the application. If there is an error during the extraction process, Trust Protection Platform indicates the nature of the error and aborts the extraction.