I have just applied for a code signing key using IE7 on Windows Vista. How do I extract the key to use with SignTool? I presume it’s been automatically installed into IE7’s Personal Certificates. Can you provide full instructions for extracting the key and using it to sign a .msi file with SignTool.
Andrew
Hi Andrew. Tech-Pro.net is a Comodo sales affiliate. You should have bought your certificate through us! 
We have articles about code signing at Code Signing for Developers - An Authenticode How-To . I think you will find the answer you need at How To: Export a code signing certificate to a PFX file . You may also find our free drag and drop code signing tool helpful.
I would welcome any feedback if the article could be made clearer.
On a Vista machine you can only use the CSP method which basically when collecting the code sign cert it should automatically install this into the personal store. You can then export the certificate as a .pfx which include the private and public key
Cryptographic service provider is know as a (CSP), for additional information please read the following article as this explains the methodology of an code sign cert.
[i]Microsoft Learn: Build skills that open doors in your career
Export your certificate to a pfx file (be sure to check “Include all certificates in the certification path if possible”).
Install openssl. You can find compiled binaries on www.openssl.org
Extract your private key from the pfx file.
->openssl pkcs12 -in -nocerts -nodes -out
The pfx password will be asked.
Download the pvk transform utility. This file can be found at
[i]http://www.drh-consultancy.demon.co.uk/pvk.html[/i]
→ pvk -in -topvk -strong -out
Extract your certificates from the pfx file.
openssl pkcs12 -in -nokeys -out
The pfx password will be asked.
Transform your pem file to a spc file
->openssl crl2pkcs7 -nocrl -certfile -outform DER -out