x509certificate2

I am trying to use X509Certificate2.CreateFromCertFile() method in an ASP.NET Core application, but it seems like it's not supported for .NET Core. Is there an alternative way of creating an X509Certificate2 object from a cert/pfx file? Maybe something like this? public Certificate CreateFromCertFile() { string cerFile = @"c:\cer.txt"; string keyFile = @"c:\key.txt"; var cert = new X509Certificate2(cerFile); cert.PrivateKey = CreateRSAFromFile(keyFile); return cert; } private RSACryptoServiceProvider CreateRSAFromFile(string filename) { byte[] pvk = null; using (var fs = File.Open(filename,

I'm trying to port a piece of Java code into .NET that takes a Base64 encoded string, converts it to a byte array, and then uses it to make a X.509 certificate to get the modulus & exponent for RSA encryption. This is the Java code I'm trying to convert: byte[] externalPublicKey = Base64.decode("base 64 encoded string"); KeyFactory keyFactory = KeyFactory.getInstance("RSA"); EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(externalPublicKey); Key publicKey = keyFactory.generatePublic(publicKeySpec); RSAPublicKey pbrtk = (java.security.interfaces.RSAPublicKey) publicKey; BigInteger modulus

Sample code: CspParameters cspParameters = new CspParameters(); cspParameters.ProviderType = 1; // PROV_RSA_FULL // Create the crypto service provider, generating a new // key. mRsaCSP = new RSACryptoServiceProvider(mDefaultKeyLength, cspParameters); mRsaCSP.PersistKeyInCsp = true; RSAParameters privateKey = mRsaCSP.ExportParameters(true); byte[] rsaBytes = mRsaCSP.ExportCspBlob(true); try { X509Certificate2 cert = new X509Certificate2(rsaBytes); mKeyDataPfx = Convert.ToBase64String(cert.Export(X509ContentType.Pkcs12, password)); } catch (Exception ce) { string error = ce.Message; } Here is my

I'm developing ASP.NET 4.0 web application, and I want to read the current user certificates from X509Store. Reading the LocalMachine certificates works fine, but if I set the StoreLocation to CurrentUser, it gives me an empty collection. The following code works fine : X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine); // StoreLocation.CurrentUser store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly); I've checked my personal store (via certmgr.mmc) and I'm sure that I have the certificates. What am I missing ? ( store.Certificates is empty ) It appears that you

We are deciding whether "localhost" (and similarly address like "127.0.0.1") should be added as one of the subject alternative names in the certificate. One benefit might be to facilitate local testing. But will there be any drawback? Is it a good idea (or bad) to add localhost in Subject Alternative Name? It depends on the standards you follow and your security posture. First things first (for the discussion below). A Fully Qualified Domain Name (FQDN) must be defined. That definition is taken from W. Richard Steven's TCP/IP Illustrated Volume I: The Protocols (p. 189): A domain name that

Facing a really strange issue X509Certificate2.Verify() returning false for a valid certificate. Maybe some has already faced this strange scenario before and can shine some light on it. I am using openssl to generate client certificates for testing purposes. I create a Root CA and generate a client certificate based on that Root CA and add the Root CA to its chain. I load the Root CA and the Client Cert to the local certificate store and it seems ok there but when I load it from my NUnit code to test X509Certificate2.Verify() always returns false. Here is the code to load the Cert from the

What I currently do is that I use OpenSSL to generate PFX file. This is causing an unwanted dependency, especially for Windows users. So I found some examples on how to create your own certificate using BouncyCastle, but this library is not .NET Core compatible (or I failed to find the compatible package). So, is it possible to create your own self signed X509 certificate using just .NET core to avoid dependency on OpenSSL (or any other certificate generating external tool)? EDIT: It was suggested by someone (editor?) that this SO question How to create a self-signed certificate using C#?

I have a X509Certificate in java and I want to get the value of the Policy Identifier which there exists in the Certificate Policies field, as depicted in the following picture: Also, I want to get the value of the Subject Type in Basic Constraints field, as depicted in the following picture: My code: public static void main(String[] args) throws Exception { CertificateFactory cf = CertificateFactory.getInstance("X509"); InputStream in = new FileInputStream(new File("E:\\myCert.crt")); X509Certificate cert = (X509Certificate) cf.generateCertificate(in); int length = cert