C# Generate a non self signed client CX509Certificate Request without a CA using the certenroll.dll

Question

I have a self signed root certificate that I generated in C# using CERTENROLL.dll\'s CX509CertificateRequest Certificate functionality.

I would like to write a fun

Answer 1

I was able to solve this.

The encoding of SEScert is a hex string not base64 also the machine context should be set to true not false the correct code looks as follows:

ISignerCertificate signerCertificate = new CSignerCertificate();
signerCertificate.Initialize(true, X509PrivateKeyVerify.VerifyNone,EncodingType.XCN_CRYPT_STRING_HEX, SEScert.GetRawCertDataString());
cert.SignerCertificate = (CSignerCertificate)signerCertificate; 

Hope this helps others in the future.