Is there any way to convert a Org.BouncyCastle.X509.X509Certificate to System.Security.Cryptography.X509Certificates.X509Certificate2?
The inverse operation is easy, combining Org.BouncyCastle.X509.X509CertificateParser with System.Security.Cryptography.X509Certificates.X509Certificate2.Export().
Easy!!
using B = Org.BouncyCastle.X509; //Bouncy certificates using W = System.Security.Cryptography.X509Certificates; W.X509Certificate2 certificate = new W.X509Certificate2(); certificate.Import(pdfCertificate.GetEncoded()); And now I can validate certificate chain in the server:
W.X509Chain ch = new W.X509Chain(); ch.ChainPolicy.RevocationMode = W.X509RevocationMode.NoCheck; if (!ch.Build(certificate)) res |= ErroresValidacion.CAInvalida; Useful to validate pdf certifcates extracted with iTextSharp.
I guess that is the best answer:
var cert = pdf.Certificates[0];//Org.BouncyCastle.X509.X509Certificate var cert50 = new X509Certificate(); cert50.Import(cert.GetEncoded()); From https://github.com/dotnet/corefx/wiki/ApiCompat :
Most users of X509Certificate and X509Certificate2 objects assume that the object is immutable except for the Reset()/Dispose() methods, the use of Import violates this assumption.
In other words, trying to use import throws an exception in .net core. You should now use:
new X509Certificate(cert.GetEncoded()); but, according to the .net API analyzer (https://docs.microsoft.com/en-us/dotnet/standard/analyzers/api-analyzer),
warning PC001: X509Certificate2.X509Certificate2(byte[]) isn't supported on macOS