Using X509Certificate2 on Mono - loading with both public and private key?

问题

Right now, I try instantiating an X509Certificate2 like this:

cert = new X509Certificate2(Resources.cred);  

Where Resources.cred is a byte[] representing a .pfx file.
This works absolutely fine on Windows/.NET.

However, running the same code under Mono JIT compiler version 3.2.8 (Debian 3.2.8+dfsg-4ubuntu1) (Mono on Ubuntu Server 14.04 LTS), I get the following exception:

System.TypeInitializationException: An exception was thrown by the type initializer for <snipped irrelevant type name> ---> System.Security.Cryptography.CryptographicException: Unable to decode certificate. ---> System.Security.Cryptography.CryptographicException: Input data cannot be coded as a valid certificate. ---> System.Security.Cryptography.CryptographicException: Input data cannot be coded as a valid certificate.
  at Mono.Security.X509.X509Certificate.Parse (System.Byte[] data) [0x00000] in <filename unknown>:0
  --- End of inner exception stack trace ---
  at Mono.Security.X509.X509Certificate.Parse (System.Byte[] data) [0x00000] in <filename unknown>:0
  at Mono.Security.X509.X509Certificate..ctor (System.Byte[] data) [0x00000] in <filename unknown>:0
  at System.Security.Cryptography.X509Certificates.X509Certificate2.Import (System.Byte[] rawData, System.String password, X509KeyStorageFlags keyStorageFlags) [0x00000] in <filename unknown>:0
  --- End of inner exception stack trace ---
  at System.Security.Cryptography.X509Certificates.X509Certificate2.Import (System.Byte[] rawData, System.String password, X509KeyStorageFlags keyStorageFlags) [0x00000] in <filename unknown>:0
  at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor (System.Byte[] rawData) [0x00000] in <filename unknown>:0
  --- End of relevant stack trace ---  

Should it matter, this certificated is signed with my own CA, and is used in raw RSA.

I have the .pfx, .cer and .pvk files available for this certificate.
How must I proceed to load this certificate with the private key under Mono?

回答1:

This constructor throws an exception:

byte[] pkcs12 = ...;
X509Certificate2 cert = X509Certificate2(pkcs12);

This constructor works:

byte[] pkcs12 = ...;
X509Certificate2 cert = X509Certificate2(pkcs12, string.Empty);

This seems to be a bug so I am going to fix it and send patch to the upstream developers. I will let you know of the progress.

来源：https://stackoverflow.com/questions/24170773/using-x509certificate2-on-mono-loading-with-both-public-and-private-key