PKI administrators often assume that the option in the certificate template to not allow the private key for export is mandatory.
However, this is not the case. This is merely a default setting that the requester can change at any time when making the certificate request manually.
Furthermore, even a key generated as non-exportable is not safe from export. For this exist relevant toolsto export such certificates including keys.
3 thoughts on “Wie sicher ist die Einstellung „Allow private key to be exported“ in den Zertifikatvorlagen?”
Comments are closed.