🟣Certreq

Create a new file on your computer and name it cert_ssh_9a.txt

[NewRequest]
Subject = "CN=Your Name (Auth), OU=Organizational Unit, O=Organization, C=US"
KeyLength = 2048
HashAlgorithm = Sha256
Exportable = TRUE
FriendlyName = "Your Name (PIV)"
RequestType = Cert
SMIME = FALSE
ValidityPeriodUnits = 99
ValidityPeriod = Years

Open Command Prompt, Powershell, Terminal and navigate to the folder where you created cert_ssh_9a.txt file and execute the following:

certreq -new .\cert_ssh_9a.txt

Save the .req file to the same folder as the newly created .txt file.

Next, we need to Export the certificate's private key.

• Open the Windows start menu and type: Manage user certificates - (certmgr.exe)

• Click to open the certificate manager program

• Browse to: Certificates – Current User -> Personal -> Certificates

• There you will see a certificate with the name you specified earlier

• Right-click and select: All Tasks -> Export

• Click Next, then select Yes, export the private key, then click Next again

• Click Next, then check the Password: box, and enter a password for the certificate

• Click Next, then Browse… and save the file as username_piv_crtsrc.pfx, then click Next, and finally Finish