本文介绍了转换证书和私钥在C#编程.PFX的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧! 问题描述 我有一个成功的LetsEncrypt证书请求输出.cer文件。 我有用于创建LetsEncrypt证书签名请求(CSR)的原始私钥 现在,我们需要以编程方式将这两个文件合并成使用.NET 由于IIS的一个PFX包我们试图做到这一点编程pvk2pfx是不实际的,我们想避免的OpenSSL如果可能的话。 要证明虽然,我们正试图复制这一功能,但使用替代pvk2pfx CS .NET: pvk2pfx.exe -pvk Server.pvk -spc Server.cer -pfx Server.pfx 我已经详尽地研究和下面是我看到的可能性: 一个方法好像是用X509Certificate2是这样的: //导入certficate X509Certificate2证书=新X509Certificate2(C:\\cert.cer); //导入私钥 X509Certificate2证书=新X509Certificate2(C:\\key.pvk); //或导入私钥 - 替代方法 X509DecryptString(令牌,@C:\CA.pvk,输入mypassword); //导出PFX文件 certificate.Export(X509ContentType.Pfx,你的密码); File.WriteAllBytes(@C:\YourCert.pfx,certificateData); 下面是一些其他的方法,但所有这些似乎并省略私钥的一部分,也需要pvk2pfx.exe 从证书文件转换为PFX文件 HTTP ://stackoverflow.com/a/4797392/3693688 如何以编程方式创建一个X509Certificate2? http://www.wiktorzychla.com/2012 /12/how-to-create-x509certificate2.html 选择,创建和Find X509证书:的 http://www.wou.edu/~rvitolo06/WATK/Demos/ HPCImageRendering /代码/ ImageRendering / AppConfigure / CertHelper.cs 不能导出生成的证书与私钥字节数组的无法导出生成的证书与私钥字节数组在.NET 4.0 / 4.5 如何以编程方式导入PFX用铁链证书到证书存储。 http://stackoverflow.com/a/9152838/3693688 导入.CER和.pvk证书文件C#编程为使用的netsh的http添加的sslcert 的 https://gist.github.com/BrandonLWhite/235fa12247f6dc827051 方法CER转换为PFX证书 https://gist.github.com/domgreen/988684 任何帮助,不胜感激: - ) 编辑1 CryptoGuy建议我们需要这个链接:的 https://gist.github.com/BrandonLWhite/235fa12247f6dc827051 这是否意味着这样的事情会好? 是必要的CSP部分? 谢谢! 使用System.Security.Cryptography.X509Certificates; 使用System.Security.Cryptography; VAR公钥= AssemblyUtility.GetEmbeddedFileAsByteArray(Cert.cer); 变种PrivateKey = AssemblyUtility.GetEmbeddedFileAsByteArray(PrivateKey.pvk); 无功证书=新X509Certificate2(公钥,的String.Empty, X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable); 变种cspParams =新CspParameters { ProviderType = 1,标志= CspProviderFlags.UseMachineKeyStore, KeyContainerName = Guid.NewGuid()。toString()方法。ToUpperInvariant( )}; 变种RSA =新的RSACryptoServiceProvider(cspParams); rsa.ImportCspBlob(ExtractPrivateKeyBlobFromPvk(PrivateKey)); rsa.PersistKeyInCsp = TRUE; certificate.PrivateKey = RSA; certificate.Export(X509ContentType.Pfx,你的密码); File.WriteAllBytes(@C:\YourCert.pfx,certificateData); 解决方案 CryptoGuy的回答是真正有用的和正确的指出美国。方向 我们仍在努力导入二进制DER文件,但是这个代码固定的: VAR OC = OpenSSL.X509.X509Certificate.FromDER(生物); 这些页面是有用的: https://github.com/openssl-net/ OpenSSL的网/ BLOB /主/ ManagedOpenSsl / X509 / X509Certificate.cs 的 https://msdn.microsoft.com/en-us/library/system.security.cryptography.x509certificates.x509certificate2.rawdata 感谢所有您的帮助:) I have a .cer file output from a successful LetsEncrypt certificate request.I have the original Private Key used to create the Certificate Signing Request (CSR) for LetsEncrypt.Now we need to programmatically combine these two files into a PFX bundle for IIS using .NETSince we are trying to to do this programmatically pvk2pfx is not practical, and we would like to avoid openssl if possible.To demonstrate though, we are trying to replicate this function but using CS .NET instead of pvk2pfx:pvk2pfx.exe -pvk Server.pvk -spc Server.cer -pfx Server.pfxI have researched exhaustively and here are the possibilities I see:One method seems to be using X509Certificate2 something like:// Import the certficateX509Certificate2 cert = new X509Certificate2("c:\\cert.cer");// Import the private keyX509Certificate2 cert = new X509Certificate2("c:\\key.pvk");// Or import the private key - Alternative methodX509DecryptString(token, @"c:\CA.pvk", "mypassword");// Export the PFX filecertificate.Export(X509ContentType.Pfx, "YourPassword");File.WriteAllBytes(@"C:\YourCert.pfx", certificateData);Here are some other methods but all of them seem to omit the part about the Private Key or they require pvk2pfx.exeConversion from cert file to pfx filehttp://stackoverflow.com/a/4797392/3693688How to create a X509Certificate2 programmatically?http://www.wiktorzychla.com/2012/12/how-to-create-x509certificate2.htmlSelect, Create and Find X509 Certificates:http://www.wou.edu/~rvitolo06/WATK/Demos/HPCImageRendering/code/ImageRendering/AppConfigure/CertHelper.csCannot export generated certificate with private key to byte arrayCannot export generated certificate with private key to byte array in .net 4.0/4.5How to programmatically import a pfx with a chain of certificates into the certificate store.http://stackoverflow.com/a/9152838/3693688Import .cer and .pvk certificate files programmatically in C# for use with netsh http add sslcerthttps://gist.github.com/BrandonLWhite/235fa12247f6dc827051Method to convert cer to pfx certhttps://gist.github.com/domgreen/988684Any help greatly appreciated :-)EDIT 1CryptoGuy suggested we need this link:https://gist.github.com/BrandonLWhite/235fa12247f6dc827051Does that mean something like this would be good?Are the CSP parts necessary?Thanks!using System.Security.Cryptography.X509Certificates;using System.Security.Cryptography; var PublicKey = AssemblyUtility.GetEmbeddedFileAsByteArray("Cert.cer"); var PrivateKey = AssemblyUtility.GetEmbeddedFileAsByteArray("PrivateKey.pvk"); var certificate = new X509Certificate2(PublicKey, string.Empty, X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable); var cspParams = new CspParameters { ProviderType = 1, Flags = CspProviderFlags.UseMachineKeyStore, KeyContainerName = Guid.NewGuid().ToString().ToUpperInvariant() }; var rsa = new RSACryptoServiceProvider(cspParams); rsa.ImportCspBlob(ExtractPrivateKeyBlobFromPvk(PrivateKey)); rsa.PersistKeyInCsp = true; certificate.PrivateKey = rsa; certificate.Export(X509ContentType.Pfx, "YourPassword"); File.WriteAllBytes(@"C:\YourCert.pfx", certificateData); 解决方案 CryptoGuy's answer was really helpful and pointed us in the right direction.We were still struggling to import a Binary DER file but this code fixed that:var oc = OpenSSL.X509.X509Certificate.FromDER(bio);These pages were useful:https://github.com/openssl-net/openssl-net/blob/master/ManagedOpenSsl/X509/X509Certificate.cshttps://msdn.microsoft.com/en-us/library/system.security.cryptography.x509certificates.x509certificate2.rawdataThanks all for your help :) 这篇关于转换证书和私钥在C#编程.PFX的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持! 09-13 10:54