SSL with private key on an HSM

醉梦人生 2021-01-06 19:03

I have a client-server architecture in my application that uses SSL. Currently, the private key is stored in CAPI's key store location. For security reasons, I'd like to

5 answers
  •  南笙
    南笙 (original poster)
    2021-01-06 19:44

    If the HSM comes with a CAPI CSP, you can do the following:

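    using System.Security.Cryptography;
    using System.Security.Cryptography.X509Certificates;

    // Load the certificate (public part only); the private key stays on the HSM.
    var certificate = new X509Certificate2(pathToPublicCert);

    // Point CAPI at the HSM vendor's CSP and the existing key container.
    var cspParameters = new CspParameters()
    {
       ProviderType = 1, /* Use 1 instead of 24 (the default) */
       ProviderName = "My HSM Cryptographic Provider Name",
       KeyContainerName = "My Private Key Container Name",
       KeyNumber = 1, /* Key exchange key */
       Flags = CspProviderFlags.UseExistingKey | CspProviderFlags.UseNonExportableKey,
    };

    // Opens a handle to the existing key; no key material is read out of the provider.
    var privateKey = new RSACryptoServiceProvider(cspParameters);

    // Associate the HSM-backed key with the certificate.
    certificate.PrivateKey = privateKey;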
    

    This should work. Note that if you use 24 instead of 1 for provider type this might not work (it does not at least for the default CSP).
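
An added example, not part of the original answer: the same binding wrapped in checks that the container key is reported as non-exportable and actually belongs to the certificate before it is attached. It assumes .NET Framework 4.6 or later; the `HsmKeyBinding.Bind` helper and its parameter names are hypothetical.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class HsmKeyBinding
{
    // Hypothetical helper: attaches the HSM-held key to the certificate only
    // after confirming it is the right key and cannot leave the provider.
    public static X509Certificate2 Bind(string pathToPublicCert, string providerName, string containerName)
    {
        var certificate = new X509Certificate2(pathToPublicCert);

        var cspParameters = new CspParameters
        {
            ProviderType = 1,                 // PROV_RSA_FULL, as in the answer
            ProviderName = providerName,      // the HSM vendor's CSP name
            KeyContainerName = containerName,
            KeyNumber = 1,                    // AT_KEYEXCHANGE
            Flags = CspProviderFlags.UseExistingKey | CspProviderFlags.UseNonExportableKey,
        };

        // UseExistingKey makes this throw instead of silently creating a new key.
        var privateKey = new RSACryptoServiceProvider(cspParameters);

        // 1. The provider must report the key as non-exportable.
        CspKeyContainerInfo info = privateKey.CspKeyContainerInfo;
        if (info.Exportable)
            throw new CryptographicException("Key in container '" + containerName + "' is exportable.");

        // 2. The container's public half must match the certificate's public key.
        RSAParameters hsmPublic = privateKey.ExportParameters(false);
        using (RSA certRsa = certificate.GetRSAPublicKey())
        {
            if (certRsa == null)
                throw new CryptographicException("Certificate does not carry an RSA public key.");
            RSAParameters certPublic = certRsa.ExportParameters(false);
            if (!hsmPublic.Modulus.SequenceEqual(certPublic.Modulus) ||
                !hsmPublic.Exponent.SequenceEqual(certPublic.Exponent))
                throw new CryptographicException("HSM key does not match the certificate.");
        }

        certificate.PrivateKey = privateKey;  // setter is supported on .NET Framework
        return certificate;
    }
}
```

The returned certificate can then be handed to the SSL layer as the server or client certificate; a mismatch or an exportable key fails before any handshake is attempted.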
