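/// <summary>
/// Signs the package manifest found in <paramref name="pathToOvf"/> and writes the
/// accompanying certificate file (manifest digest line followed by the signer's
/// certificate in PEM armor) next to it.
/// </summary>
/// <param name="certificate">Certificate handed to <c>StreamUtilities.ComputeSignedHash</c>
/// and exported into the certificate file. Presumably it must carry a private key for the
/// signing step; verify against <c>ComputeSignedHash</c>.</param>
/// <param name="pathToOvf">Directory that holds the manifest and receives the certificate file.</param>
/// <param name="ovfFileName">OVF file name; its extension-less form is the base name for the
/// manifest and certificate files.</param>
private void Sign(X509Certificate2 certificate, string pathToOvf, string ovfFileName)
{
    Description = Messages.SIGNING_APPLIANCE;

    var packageName = Path.GetFileNameWithoutExtension(ovfFileName);
    string manifestFileName = packageName + Package.MANIFEST_EXT;
    string manifestPath = Path.Combine(pathToOvf, manifestFileName);

    // Give the caller a chance to abort before the manifest is read and signed.
    CheckForCancellation();

    FileDigest fileDigest;

    // The manifest is opened read-only; the signature covers its content exactly as stored on disk.
    using (FileStream stream = new FileStream(manifestPath, FileMode.Open, FileAccess.Read, FileShare.Read))
    {
        var signedHash = StreamUtilities.ComputeSignedHash(stream, certificate, out var hashAlgorithm);
        fileDigest = new FileDigest(manifestFileName, signedHash, hashAlgorithm);
    }

    string signatureFileName = packageName + Package.CERTIFICATE_EXT;
    string signaturePath = Path.Combine(pathToOvf, signatureFileName);

    // FileMode.Create replaces any certificate file left over from an earlier export.
    using (FileStream stream = new FileStream(signaturePath, FileMode.Create, FileAccess.Write, FileShare.None))
    using (StreamWriter writer = new StreamWriter(stream))
    {
        writer.WriteLine(fileDigest.ToManifestLine());

        // Export the certificate encoded in Base64 using DER.
        // X509ContentType.Cert is the DER encoding that a "BEGIN CERTIFICATE" block is
        // expected to contain. The previous X509ContentType.SerializedCert is a
        // platform-specific serialization that also carries certificate store properties,
        // so it did not match the DER intent and is not readable by generic PEM parsers.
        // Only the public certificate is exported; no private key material is written.
        string b64Cert = Convert.ToBase64String(certificate.Export(X509ContentType.Cert));

        // NOTE(review): the Base64 body is written as a single unwrapped line; strict PEM
        // readers expect 64-character lines. Confirm the consumers of this file tolerate that.
        writer.WriteLine("-----BEGIN CERTIFICATE-----");
        writer.WriteLine(b64Cert);
        writer.WriteLine("-----END CERTIFICATE-----");
        writer.Flush();
    }

    log.Info($"Digitally signed package {ovfFileName}");
}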