Access the Windows system certificate and key store. This module is a native addon. It will only successfully work on Windows. No prebuilt binaries are currently provided.
Export a certificate and its corresponding private key from the Windows CA store.
Valid options are:
subject
: Subject line of the certificate/key as a string.thumbprint
: Thumbprint of the certificate/key as a Uint8Array. Eithersubject
orthumbprint
must be provided.store
: Optional Windows certificate store name. Default:MY
.storeTypeList
: Optional array of Windows certificate store types to try. Default:['CERT_SYSTEM_STORE_LOCAL_MACHINE', 'CERT_SYSTEM_STORE_CURRENT_USER']
.requirePrivKey
: Boolean. If set, theREPORT_NO_PRIVATE_KEY | REPORT_NOT_ABLE_TO_EXPORT_PRIVATE_KEY
flags will be passed to the wincrypt API.
This function returns a single certificate (and by default its private key) combination as a .pfx file, along with a random passphrase that has been used for encrypting the file. It will throw an exception if no relevant certificate could be found. The certificate in question can be specified either through its subject line string or its thumbprint.
Export all system certificates (no private keys) matching the given options.
Valid options are:
store
: Optional Windows certificate store name. Default:ROOT
.storeTypeList
: Optional array of Windows certificate store types to try. Default:['CERT_SYSTEM_STORE_LOCAL_MACHINE', 'CERT_SYSTEM_STORE_CURRENT_USER']
.
This functions returns an array of PEM-formatted certificates.
You need to import testkeys\certificate.pfx
manually into your local
CA store in order for the tests to pass. Make sure to import that certificate
with the "exportable private key" option. The password for the file is pass
.