英文:
X509CertificateCollection.Import() doesn't import private Key of my .pem Certificate file
问题
以下是翻译好的部分:
"I'm currently implementing an TLS-connection for our communication between our mongo database (Version 4.2) and our software. This is my method I use to import all certificates from a file."
/// <summary> 读取证书文件 </summary>
/// <param name="path"> 证书路径 </param>
/// <param name="password"> 访问文件的密码 </param>
/// <returns> </returns>
public static X509Certificate2Collection ReadCertificateFile(string path, string password) {
var certificateCollection = new X509Certificate2Collection();
certificateCollection.Import(path, password, X509KeyStorageFlags.Exportable);
return certificateCollection;
}
"It works fine with every certificate format except .pem. As far as I can say the private key is in the PEM file but cannot be read.
I used openssl to convert the .pfx file to a .pem file with and without password. Neither of which worked because the private key wasn't imported. I installed .net 6 because they have implemented new methods to import pem files but the same happened there too.
I thank in advance everyone who is trying to help me."
英文:
I'm currently implementing an TLS-connection for our communication between our mongo database (Version 4.2) and our software. This is my method I use to import all certificates from a file.
/// <summary> Reads an certificate file </summary>
/// <param name="path"> Path to the certificate </param>
/// <param name="password"> Password to access the file </param>
/// <returns></returns>
public static X509Certificate2Collection ReadCertificateFile(string path, string password) {
var certificateCollection = new X509Certificate2Collection();
certificateCollection.Import(path, password, X509KeyStorageFlags.Exportable);
return certificateCollection;
}
It works fine with every certificate format except .pem. As far as I can say the private key is in the PEM file but cannot be read.
I used openssl to convert the .pfx file to a .pem file with and without password. Neither of which worked because the private key wasn't imported. I installed .net 6 because they have implemented new methods to import pem files but the same happend there too.
I thank in advance everyone who is trying to help me.
答案1
得分: 0
我自己弄清楚了。只有 PKCS12 格式的证书文件才能用私钥读取。
在这个项目中,我找到了解决我的问题的方法:从 PEM 文件创建带有私钥的 X509 证书。这篇文章解释了如何分别提取证书和私钥,然后将私钥分配给 X509 证书实例。
英文:
I figured it out myself. Only certificate files in the PKCS12 format can be read with the private key.
I found in this project the solution to my problem: Create X509Certificate with Private Key from PEM File. The article explains how to extract the certificate and private key separately and then assign the private key to the X509Certificate instance.
答案2
得分: 0
我安装了.NET 6,因为他们已经实现了导入PEM文件的新方法。
这些新方法是全新的,而不是修改现有的方法。要从两个PEM文件加载证书和密钥,可以使用 X509Certificate2.ImportFromPemFile(pathToCert, pathToKey);如果它们在同一个文件中,你可以要么指定相同的值两次,要么省略第二个参数(X509Certificate2.ImportFromPemFile(pathToJoinedPem))。
英文:
> I installed .net 6 because they have implemented new methods to import pem files
Those new methods are new, not modifying the existing ones. To load a cert and key from two PEM files is with X509Certificate2.ImportFromPemFile(pathToCert, pathToKey); if they're in the same file you can either specify the same value twice or leave off the second parameter (X509Certificate2.ImportFromPemFile(pathToJoinedPem))
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论