I have downloaded the trial version of your software and was testing its possibilities and features. It is good piece of software and the company I am working for is thinking about purchasing it (we would use it with Visual FoxPro and Delphi)
During the testing I found that the Certificate I try to export from under Internet Explorer does contain Private Key even if I didn't ask for it.
I did the following:
Internet Explorer -> Tools -> Internet Options -> Content Tab ->
Certificates -> Certificates ...
There I selected the certificate I wanted to export without the Private Key so I followed the "Certificate Export Wizard" to create a
"DER encoded binary X.509 (.CER)" file.
To my surprise, Chilkat software indicated that the Private Key was included within the certificate file.
Am I doing something wrong, or Internet Explorer is not able to extract the public key only ? Or maybe the Chilkat software checks the existing certificates within the system and shows the full certificate ?
The private key is never stored in a .cer file (the file format does not support it). In fact, the private key is not stored
with the certificate in a certificate store. When a certificate is originally imported (from a .pfx for example) the public/private key pair
is imported into something called the "Windows Protected Store", which is specific to the currently logged-on user, or it could be the machine's protected store. The underlying Microsoft cryptographic systems are able to find the matching private key in the protected store to tell you if the certificate has the private key installed on the system.