/// <summary>
/// Creates a self-signed RSA certificate marked as a certificate authority and
/// packages it, together with its private key, as a PFX protected by <c>Password</c>.
/// </summary>
/// <returns>The bytes returned by <c>ConvertToPfx</c> for the new root certificate.</returns>
private byte[] GenerateRootCertificate()
{
    const int rsaKeySizeBits = 2048;

    string subjectName = $"Test Authority {DateTime.UtcNow:MM/yyyy}";

    // Validity starts two hours in the past, presumably to tolerate clock skew
    // between this host and relying parties, and runs for five years.
    DateTimeOffset validFrom = DateTimeOffset.UtcNow.AddHours(-2);
    DateTimeOffset validUntil = DateTimeOffset.UtcNow.AddYears(5);

    // The builder and the key generation each receive their own GenerateRandom() result.
    SecureRandom builderRandom = GenerateRandom();
    ICertificateBuilder builder = builderFactory(builderRandom);
    AsymmetricCipherKeyPair rootKeys = CertificateBuilder2.GenerateKeyPair(rsaKeySizeBits, GenerateRandom());

    // Self-signed: the issuer is the builder's own subject and the authority key
    // identifier is derived from the same key pair that is being certified.
    // NOTE(review): the WithKeyUsage() call is disabled (it was commented out), so no
    // key usage extension is requested here. CA certificates normally assert
    // keyCertSign/cRLSign - confirm whether strict validators need it.
    CertificateWithKey rootCertificate = builder
        .WithSubjectCommonName(subjectName)
        .WithKeyPair(rootKeys)
        .SetNotAfter(validUntil)
        .SetNotBefore(validFrom)
        .WithBasicConstraints(BasicConstrainsConstants.CertificateAuthority)
        .WithAuthorityKeyIdentifier(rootKeys)
        .WithSubjectKeyIdentifier()
        .SetIssuer(builder.Subject)
        .Generate();

    // The PFX contains the CA private key; its confidentiality rests on Password.
    var issuedCertificate = rootCertificate.Certificate;
    var rootPrivateKey = (RsaPrivateCrtKeyParameters)rootKeys.Private;
    return ConvertToPfx(issuedCertificate, rootPrivateKey, Password);
}
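/// <summary>
/// Issues an end-entity certificate for the requested common name, host names and
/// IP addresses, signed with <c>SignerCertificate</c>, and returns it with its
/// freshly generated private key as a PFX protected by the request's password.
/// </summary>
/// <param name="request">
/// Subject common name, subject alternative names, validity in days and PFX password.
/// </param>
/// <returns>The bytes returned by <c>ConvertToPfx</c> for the issued certificate.</returns>
/// <exception cref="ArgumentNullException"><paramref name="request"/> is null.</exception>
public byte[] GenerateSslCertificate(PfxCertificateRequest request)
{
    if (request == null)
    {
        throw new ArgumentNullException(nameof(request));
    }

    // Validity starts two hours in the past, presumably to tolerate clock skew.
    // NOTE(review): ValidtyInDays is not range-checked here; a non-positive value
    // yields a certificate that is already expired, and there is no upper bound.
    DateTimeOffset notBefore = DateTimeOffset.UtcNow.AddHours(-2);
    DateTimeOffset notAfter = DateTimeOffset.UtcNow.AddDays(request.ValidtyInDays);

    SecureRandom random = randomService.GenerateRandom();
    CertificateBuilder2 builder = builderFactory(random, SignerCertificate);
    AsymmetricCipherKeyPair keyPair = CertificateBuilder2.GenerateKeyPair(2048, random);

    // The issuer field of the issued certificate must equal the SUBJECT of the
    // signing certificate. The previous code read IssuerDN, which only matches when
    // the signer is self-signed; with an intermediate signer it named the signer's
    // parent and produced a chain that does not build by name.
    X509Name signerSubject = new X509CertificateParser()
        .ReadCertificate(SignerCertificate.Certificate.RawData)
        .SubjectDN;

    // NOTE(review): CommonName, Hostnames and IpAddresses are copied into the
    // certificate as supplied; if requests can come from an untrusted caller they
    // should be validated before reaching this method, since the signer vouches
    // for every name placed in the subject alternative name extension.
    CertificateWithKey certificate = builder
        .WithSubjectCommonName(request.CommonName)
        .WithKeyPair(keyPair)
        .SetIssuer(signerSubject)
        .SetNotAfter(notAfter)
        .SetNotBefore(notBefore)
        .WithSubjectAlternativeName(request.Hostnames, request.IpAddresses)
        .WithBasicConstraints(BasicConstrainsConstants.EndEntity)
        .WithExtendedKeyUsage()
        .WithAuthorityKeyIdentifier(SignerCertificate.KeyPair)
        .Generate(SignerCertificate.KeyPair);

    // The PFX contains the new private key; its confidentiality rests on request.Password.
    return ConvertToPfx(certificate.Certificate, (RsaPrivateCrtKeyParameters)keyPair.Private, request.Password);
}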