x509certificate2

问题 I'm trying to construct an X509Certificate2 from a PKCS#12 blob in a byte array and getting a rather puzzling error. This code is running in a desktop application with administrator rights on Windows XP. The stack trace is as follows, but I got lost trying to troubleshoot because _LoadCertFromBlob is marked [MethodImpl(MethodImplOptions.InternalCall)] . System.Security.Cryptography.CryptographicException: The system cannot find the file specified. at System.Security.Cryptography

问题 is there any convenient way to export private/public keys from .p12 certificate in PEM format using .NET Core ? Without manipulating with bytes at low level? I googled for hours and almost nothing is usable in .net core or it isn't documented anywhere.. Let's have an X509Certificate2 var cert = new X509Certificate2(someBytes, pass); var privateKey = cert.GetRSAPrivateKey(); var publicKey = cert.GetRSAPublicKey(); // assume everything is fine so far And now I need to export the keys as two

问题 I have a PFX certificate with CNG key inside (KSP provider information is specified in the PFX). I can't find a way to import the certificate in .NET in the way that would allow private key export in plain text (MS-CAPI format). var cert = new X509Certificate2(pfxBytes,password,X509KeyStorageFlags.Exportable); then I use this handle to acquire private key context by calling CryptAcquireCertificatePrivateKey function with enabled flag to allow CNG keys. The call succeeds. When I call

问题 I have an ECC private and a certificate file which includes the public key. I can get them in either PEM or DER formats. I can read the certificate into an X509Certificate with this code: var certbytes = File.ReadAllBytes("certificate.pem"); var cert = new X509Certificate2(certbytes); But I'm unable to load the private key. I've tried this code: var keyContent = File.ReadAllBytes("certificate_private_key.pem"); var key = CngKey.Import(keyContent, CngKeyBlobFormat.EccPrivateBlob); It throws

问题 Creating a X509Certificate2 instance from a byte array works on Windows but fails on Linux with a "CryptographicException". static void Main(string[] args) { var cert = new X509Certificate2(Cert.CertBytes); } On Windows: Valid X509Certificate2 instance is created On Linux: An exception is thrown: {System.Security.Cryptography.CryptographicException: Cannot find the original signer. at Internal.Cryptography.Pal.PkcsFormatReader.TryReadPkcs7(SafePkcs7Handle pkcs7, Boolean single,

问题 I created a private and public key pair using OpenSSL and then I generated a .p12 file to import it into my Windows certstore. The key pair and .p12 files were created in Windows XP and I am trying to use it in Windows 7. I am trying to access the key from within a Web Service (.svc) in IIS. If I try to read the private key from a standalone app, I can do it without any problems, but when I try to read it from my web app, I always get the following exception: 'cert.PrivateKey' threw an

问题 Apple released their New Generation WSDL on the 15 of August this year (2015) and the big change was that every call to the WSDL had to be validated with a certificate file. I've done the process to get the certificate from Apple, and I've whitelisted our server IP, and I've even verified that I can get access to the service endpoint from our server by coding a simple interface using HttpWebRequest where I easily can attach the certificate using webRequest.ClientCertificates.Add(), so I know

问题 I have to generate a X509Certificate2 certficate at runtime from my web application and store it in my database in bytes format. I am using the solution provided here. Using this solution you may be able to generate the certificate but it will also create it in the machine certificate store. I don't need the certificate to be present in the machine certificate store so i delete it from the certificate store after I get the X509Certificate2 object. Additionally, as my web application is

问题 I have a use case for a .NET application that stores certificates in a database. One of the requirements is for the application to reject certificates that contain private keys. The user will upload a certificate file (specifically .CER or .CRT) and the application will import it as an X509Certificate2 object so that I can check the HasPrivakeKey property. I know that .PFX files can contain private keys, but is it possible for .CER or .CRT files to also contain private keys? If so, how can I

问题 I have written a .NET application that tries to do mutual authentication with an ECC client certificate (curve is brainpoolP384r1). The certificate is signed by a PKI and when I look at it in an ASN1 viewer it seems to be perfectly valid. I get the certificate byte data for this the following way: Console.WriteLine($"Certificate:{BitConverter.ToString(cert.RawData).Replace("-","")}"); Looking at the certificate in the MMC console it also appears to be valid. However, when I try to use it to