x509certificate2

问题 Using framework 4.5.1 and the following requirement, am I doing this right? the URL in the certificate must match the given URL the certificate must be valid and trusted the certificate must not be expired The following passes, but is this sufficient? In particular does the call to chain.Build(cert) satisfy #2 above? protected bool ValidateDigitalSignature(Uri uri) { bool isValid = false; X509Certificate2 cert = null; HttpWebRequest request = WebRequest.Create(uri) as HttpWebRequest; using

问题 I have the following C# code, constructing an https call with a custom certificate. When using Tls 1.1, the call works fine. When using Tls 1.2 the call breaks. I using curl, using tls 1.2 works fine as well. C# Code: X509Certificate2Collection collection = new X509Certificate2Collection(); collection.Import("C:\\SomePath\\MyCertificate.pfx", "MyPassword", X509KeyStorageFlags.PersistKeySet); var cert = collection[0]; ServicePointManager.SecurityProtocol = ...; ServicePointManager

问题 I'm attempting to work with an X509 certificate that was originally imported into the CurrentUser keystore on a Windows 10 computer using the "Certificates" snap-in of an MMC. The same procedure has been tested on a Windows 8.1 computer with the same result. Using the standard PowerShell PKI module, I'm getting an X509Certificate2 object using Get-Item: $my_cert = Get-Item Cert:\CurrentUser\My\ADAA82188A17THUMBPRINTXXXXXXXXXXX The output of $my_cert | fl * is as follows: PSPath : Microsoft

问题 I'm attempting to work with an X509 certificate that was originally imported into the CurrentUser keystore on a Windows 10 computer using the "Certificates" snap-in of an MMC. The same procedure has been tested on a Windows 8.1 computer with the same result. Using the standard PowerShell PKI module, I'm getting an X509Certificate2 object using Get-Item: $my_cert = Get-Item Cert:\CurrentUser\My\ADAA82188A17THUMBPRINTXXXXXXXXXXX The output of $my_cert | fl * is as follows: PSPath : Microsoft

问题 I am trying to read an X509 certificate using Request.ClientCertificate but nothing is returned. The certificate is definitely being attached to the request because I can get the certificate information from the page sending the request. I have tried reading the certificate from several different places but cannot seem to get it to work. I started with code from this KB Article. In the requested page I tried to print out some information about the certificate but nothing was returned in the

问题 Is there an easy way to get the Subject Alternate Names from an X509Certificate2 object? foreach (X509Extension ext in certificate.Extensions) { if (ext.Oid.Value.Equals(/* SAN OID */"2.5.29.17")) { byte[] raw = ext.RawData; // ?????? parse to get type and name ???????? } } 回答1: Use the Format method of the extension for a printable version. X509Certificate2 cert = /* your code here */; foreach (X509Extension extension in cert.Extensions) { // Create an AsnEncodedData object using the

问题 Is there an easy way to get the Subject Alternate Names from an X509Certificate2 object? foreach (X509Extension ext in certificate.Extensions) { if (ext.Oid.Value.Equals(/* SAN OID */"2.5.29.17")) { byte[] raw = ext.RawData; // ?????? parse to get type and name ???????? } } 回答1: Use the Format method of the extension for a printable version. X509Certificate2 cert = /* your code here */; foreach (X509Extension extension in cert.Extensions) { // Create an AsnEncodedData object using the

问题 I am using the following code and get HttpRequestException exception: using (var handler = new HttpClientHandler()) { handler.ClientCertificateOptions = ClientCertificateOption.Manual; handler.SslProtocols = SslProtocols.Tls12; handler.ClientCertificates.Add(new X509Certificate2(@"C:\certificates\cert.pfx")); // I also tried to add another certificates that was provided to https access // by administrators of the site, but it still doesn't work. //handler.ClientCertificates.Add(new

问题 I'm trying to implement authentication for MasterCard Match, as part of their following documentation, they have a sample private key: https://developer.mastercard.com/portal/display/api/OAuth+Validation On that page, they have two versions of the key, one in base64 encoded text, visible on the page, and a .p12 file downloadable. How do I import this key to use as an x509certificate2? Whatever I try I get the message "Cannot find the requested object.". I tried digging into it with the .net

问题 I am impersonating a service user account in order to connect to a webservice that requires a cert to connect. I have installed the client cert on the service account on the machine which is running the code however I receive the error System.Security.Cryptography.CryptographicException: The system cannot find the file specified. using (var ctx = new ImpersonationContext("svcAcctUserName", "domain", "password")) { var clientCert = new X509Certificate2("filePath", "certPassword"); } The