If you are using SIF Version 1.1.0 to generate Self-Signed Certificates and need to export these to other machines as part of a scaled environment, you may find that you are unable to export the Private Keys along with the certificate. In fact, the option to export is grayed out:
SIF Version 1.1.0 Created Certificate: No Exporting of Private Keys Option:
This is due to a bug with SIF Version 1.1.0 not allowing the Private Key to exported upon creating the Self-Signed Certificate. If you attempt to use PowerShell to export the certificate, you are likely to get the following error:
Export-PfxCertificate : Cannot export non-exportable private key. At line:3 char:1 + Export-PfxCertificate -cert $path -FilePath c:\Certificates\cert.pfx ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (:) [Export-PfxCertificate], Win32Exception + FullyQualifiedErrorId : System.ComponentModel.Win32Exception,Microsoft.CertificateServices.Commands.ExportPfxCertificate
To resolve this issue, update your SIF Version to 1.2.0, as this version creates certificates which allow the export of the private key. The following is one method for updating the SIF via PowerShell:
# Install SIF from GET and Check for Updates Register-PSRepository -Name SitecoreGallery -SourceLocation https://sitecore.myget.org/F/sc-powershell/api/v2 Install-Module SitecoreInstallFramework -Force Update-Module SitecoreInstallFramework -Force
Doing so will result in being able to export Self-Signed Certificates with the Private Key for import and usage on the appropriate servers in your Sitecore 9 Environment.
SIF Version 1.2.0 Created Certificate: Allows Exporting of Private Keys Option: