How do you extract a private-key string from a .p12 file?

Question

I'm trying to access the Google Analytics API from a VB.NET server application. My app falls into the category of a "service account" application, so I'm not requesting credentials from the user--the app has its own credentials, which it uses to retrieve data from Google to show to the user.

The service-account OAuth2 workflow requires the application to generate a JWT (JSON Web Token) as a means of authenticating itself. I found a .NET library to generate these tokens, but I'm a little confused on which "key" to give this library. In the library's documentation, the example key given is a base-64-looking string of numbers and uppercase and lowercase letters. But what I have is a .p12 private-key file and the corresponding password. How can I extract some kind of textual key from this key file?

I tried to do something like

Dim cert As New X509Certificate2("C:\Users\xxxxx\private.p12", "notasecret")
Dim certData As Byte() = cert.Export(X509ContentType.Pkcs12, "notasecret")

but this leaves me with a byte array, not a string. Am I on the right track here?

Answer 1

I believe I've figured out what to do:

Dim PrivateKeyPath As String = "C:\Users\xxxxx\privatekey.p12"
Dim CertificatePassword As String = "notasecret"

Dim cert As New X509Certificate2(PrivateKeyPath, CertificatePassword,
                                 X509KeyStorageFlags.Exportable)
Dim certData As Byte() = cert.Export(X509ContentType.Pkcs12, CertificatePassword)
Dim keyString As String = Convert.ToBase64String(certData)

As @Jim Mischel pointed out, I just needed to encode the key data in base-64.

By the way, adding the X509KeyStorageFlags.Exportable flag fixed a CryptographicException (“Key not valid for use in specified state.”) while trying to export the key.