Beispiel #1
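        /// <summary>
        /// Creates a self-signed ECDSA end-entity certificate for <paramref name="dnsName"/> and
        /// returns the password-protected PFX export as a Base64 string.
        /// </summary>
        /// <param name="dnsName">DNS name used as the subject common name and as the only SAN entry.</param>
        /// <param name="validFrom">Start of the certificate's validity period.</param>
        /// <param name="validTo">End of the validity period; must be later than <paramref name="validFrom"/>.</param>
        /// <param name="password">
        /// Password handed to the PFX export. It is not validated here; an empty or guessable
        /// password leaves the exported key material effectively unprotected.
        /// </param>
        /// <returns>
        /// The PFX bytes encoded as Base64. The PFX is expected to carry the private key, so the
        /// returned string should be handled as a secret (no logging, no plain-text storage).
        /// </returns>
        /// <exception cref="ArgumentException">
        /// <paramref name="dnsName"/> is null or blank, or <paramref name="validTo"/> is not later
        /// than <paramref name="validFrom"/>.
        /// </exception>
        public string CreateECDsaCertificatePFX(string dnsName, DateTimeOffset validFrom, DateTimeOffset validTo, string password)
        {
            // Fail early: a blank name would yield a certificate with no usable subject or SAN.
            if (string.IsNullOrWhiteSpace(dnsName))
            {
                throw new ArgumentException("A DNS name is required for the certificate subject and SAN.", nameof(dnsName));
            }

            if (validTo <= validFrom)
            {
                throw new ArgumentException("validTo must be later than validFrom.", nameof(validTo));
            }

            // End-entity certificate: not a CA. PathLengthConstraint is set to 0 but
            // HasPathLengthConstraint is false, so no path length is requested.
            var basicConstraints = new BasicConstraints
            {
                CertificateAuthority    = false,
                HasPathLengthConstraint = false,
                PathLengthConstraint    = 0,
                Critical                = false
            };

            var san = new SubjectAlternativeName
            {
                DnsName = new List<string> { dnsName }
            };

            var x509KeyUsageFlags = X509KeyUsageFlags.DigitalSignature;

            // Both TLS server and TLS client authentication are granted. The original note
            // ("only if certification authentication is used") presumably refers to the client
            // auth OID; drop it when the certificate is only ever presented by a server, so the
            // certificate is not valid for more purposes than it needs.
            var enhancedKeyUsages = new OidCollection
            {
                new Oid("1.3.6.1.5.5.7.3.1"),  // TLS Server auth
                new Oid("1.3.6.1.5.5.7.3.2"),  // TLS Client auth
            };

            var subject = new DistinguishedName { CommonName = dnsName };
            var validity = new ValidityPeriod
            {
                ValidFrom = validFrom,
                ValidTo   = validTo
            };

            // The empty ECDsaConfiguration leaves the key parameters at the library defaults.
            // The certificate object holds the private key; dispose it once the PFX bytes exist
            // so the key handle does not outlive this call.
            using (var certificate = _createCertificates.NewECDsaSelfSignedCertificate(
                subject,
                basicConstraints,
                validity,
                san,
                enhancedKeyUsages,
                x509KeyUsageFlags,
                new ECDsaConfiguration()))
            {
                var ecdsaCertPfxBytes = _importExportCertificate.ExportSelfSignedCertificatePfx(password, certificate);

                return Convert.ToBase64String(ecdsaCertPfxBytes);
            }
        }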
Beispiel #2
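        /// <summary>
        /// Builds the RSA certificate fixtures: creates two self-signed certificates, exports each
        /// to a password-protected PFX and reloads them into <c>Certificate</c> and
        /// <c>OldCertificate</c>. The PFX bytes of the current certificate are kept in
        /// <c>RsaCertPfxBytes</c>.
        /// </summary>
        /// <exception cref="InvalidOperationException">
        /// A required certificate service is not registered in the container.
        /// </exception>
        public void CreateCert()
        {
            ServiceProvider sp = new ServiceCollection()
                                 .AddCertificateManager()
                                 .BuildServiceProvider();

            // GetRequiredService throws a descriptive exception when a registration is missing,
            // instead of handing back null and failing later with a NullReferenceException.
            _cc = sp.GetRequiredService<CreateCertificates>();
            ImportExportCertificate iec = sp.GetRequiredService<ImportExportCertificate>();

            // The numeric argument is interpreted by CreateRsaCertificate (defined elsewhere);
            // presumably a validity length - confirm against that helper.
            X509Certificate2 oldRsaCert = CreateRsaCertificate("localhost_IS_test_old", 1);
            X509Certificate2 rsaCert    = CreateRsaCertificate("localhost_IS_test", 10);

            // Fixture-only literal. A PFX password protecting a real private key belongs in
            // configuration or a secret store, never in source.
            string password = "******";

            RsaCertPfxBytes =
                iec.ExportSelfSignedCertificatePfx(password, rsaCert);
            byte[] oldRsaCertPfxBytes =
                iec.ExportSelfSignedCertificatePfx(password, oldRsaCert);

            // Round-trip through PFX so the stored certificates are the ones a consumer would load.
            // NOTE(review): on .NET 9 and later this constructor is marked obsolete in favour of
            // X509CertificateLoader.LoadPkcs12 - switch if the project targets that runtime.
            Certificate = new X509Certificate2(RsaCertPfxBytes, password);

            OldCertificate = new X509Certificate2(oldRsaCertPfxBytes, password);
        }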