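/// <summary>
/// Creates the CertEnroll helper objects and assigns the default settings used to build a certificate.
/// </summary>
/// <remarks>
/// Several defaults favour convenience over key protection: the private key is exportable in
/// plaintext, no password is set, and untrusted certificates may be installed. Callers that need
/// stronger guarantees should override these properties after construction.
/// Any exception raised while creating the COM objects propagates to the caller unchanged.
/// </remarks>
public Certificate()
{
    // Deliberately no catch-and-rethrow here: `throw ex;` would reset the stack trace and hide
    // which activation below actually failed.

    // CertEnroll objects used to build the request.
    objCertRequest = new CX509CertificateRequestCertificate();
    objCSP = new CCspInformation();
    objCSPs = new CCspInformations();
    objDN = new CX500DistinguishedName();
    objEnroll = new CX509Enrollment();
    objObjectId = new CObjectId();

    // GetTypeFromProgID returns null when the ProgID is not registered; CreateInstance then
    // throws ArgumentNullException.
    objPrivateKey = (IX509PrivateKey)Activator.CreateInstance(Type.GetTypeFromProgID("X509Enrollment.CX509PrivateKey"));

    // Friendly name
    this.FriendlyName = "";

    // Set default values. Refer to https://msdn.microsoft.com/en-us/library/windows/desktop/aa374846(v=vs.85).aspx
    // NOTE(review): this is a legacy CryptoAPI provider; confirm it supports the SHA512 default
    // chosen below on the target systems.
    this.CryptographicProviderName = "Microsoft Enhanced Cryptographic Provider v1.0";
    this.KeySize = 2048;

    // Use key for encryption
    this.KeySpec = X509KeySpec.XCN_AT_KEYEXCHANGE;

    // The key can be used for decryption
    this.KeyUsage = X509PrivateKeyUsageFlags.XCN_NCRYPT_ALLOW_DECRYPT_FLAG;

    // Create for user and not machine
    this.MachineContext = false;

    // Default to expire in 1 year
    this.ExpirationLengthInDays = 365;

    // Let the private key be exported in plain text.
    // NOTE(review): weakest export policy; anything running as the key owner can read the raw
    // private key. Tighten this unless plaintext export is really required.
    this.ExportPolicy = X509PrivateKeyExportFlags.XCN_NCRYPT_ALLOW_PLAINTEXT_EXPORT_FLAG;

    // Enroll in the user context (the value is ContextUser despite the property's "Machine" name).
    this.EnrollmentContextMachine = X509CertificateEnrollmentContext.ContextUser;

    // Use a hashing algorithm
    this.ObjectIdGroupId = ObjectIdGroupId.XCN_CRYPT_HASH_ALG_OID_GROUP_ID;
    this.ObjectIdPublicKeyFlags = ObjectIdPublicKeyFlags.XCN_CRYPT_OID_INFO_PUBKEY_ANY;
    this.AlgorithmFlags = AlgorithmFlags.AlgorithmFlagsNone;

    // Use SHA-2 with 512 bits
    this.AlgorithmName = "SHA512";
    this.EncodingType = EncodingType.XCN_CRYPT_STRING_BASE64;

    // Allow untrusted certificate to be installed.
    // NOTE(review): presumably needed for self-signed certificates; it also means the response
    // is not required to chain to a trusted root, so restrict it where a CA issues the response.
    this.InstallResponseRestrictionFlags = InstallResponseRestrictionFlags.AllowUntrustedCertificate;

    // No password set.
    // NOTE(review): if this value protects an exported key file, null leaves it unprotected;
    // confirm against the export code.
    this.Password = null;

    // Enable key to be exported, store it in the machine key set, and persist the key set
    // https://msdn.microsoft.com/en-us/library/system.security.cryptography.x509certificates.x509keystorageflags(v=vs.110).aspx
    // NOTE(review): MachineKeySet contradicts the user-context defaults above (MachineContext = false,
    // ContextUser); confirm which store is intended.
    this.ExportableFlags = X509KeyStorageFlags.Exportable | X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.PersistKeySet;
}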
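/// <summary>
/// Creates the CertEnroll helper objects and assigns the default settings used to build a certificate.
/// </summary>
/// <remarks>
/// Several defaults favour convenience over key protection: the private key is exportable in
/// plaintext, no password is set, and untrusted certificates may be installed. Callers that need
/// stronger guarantees should override these properties after construction.
/// Any exception raised while creating the COM objects propagates to the caller unchanged.
/// </remarks>
public Certificate()
{
    // Deliberately no catch-and-rethrow here: `throw ex;` would reset the stack trace and hide
    // which activation below actually failed.

    // CertEnroll objects used to build the request.
    objCertRequest = new CX509CertificateRequestCertificate();
    objCSP = new CCspInformation();
    objCSPs = new CCspInformations();
    objDN = new CX500DistinguishedName();
    objEnroll = new CX509Enrollment();
    objObjectId = new CObjectId();

    // GetTypeFromProgID returns null when the ProgID is not registered; CreateInstance then
    // throws ArgumentNullException.
    objPrivateKey = (IX509PrivateKey)Activator.CreateInstance(Type.GetTypeFromProgID("X509Enrollment.CX509PrivateKey"));

    // Friendly name
    this.FriendlyName = "";

    // Set default values. Refer to https://msdn.microsoft.com/en-us/library/windows/desktop/aa374846(v=vs.85).aspx
    // NOTE(review): this is a legacy CryptoAPI provider; confirm it supports the SHA512 default
    // chosen below on the target systems.
    this.CryptographicProviderName = "Microsoft Enhanced Cryptographic Provider v1.0";
    this.KeySize = 2048;

    // Use key for encryption
    this.KeySpec = X509KeySpec.XCN_AT_KEYEXCHANGE;

    // The key can be used for decryption
    this.KeyUsage = X509PrivateKeyUsageFlags.XCN_NCRYPT_ALLOW_DECRYPT_FLAG;

    // Create for user and not machine
    this.MachineContext = false;

    // Default to expire in 1 year
    this.ExpirationLengthInDays = 365;

    // Let the private key be exported in plain text.
    // NOTE(review): weakest export policy; anything running as the key owner can read the raw
    // private key. Tighten this unless plaintext export is really required.
    this.ExportPolicy = X509PrivateKeyExportFlags.XCN_NCRYPT_ALLOW_PLAINTEXT_EXPORT_FLAG;

    // Enroll in the user context (the value is ContextUser despite the property's "Machine" name).
    this.EnrollmentContextMachine = X509CertificateEnrollmentContext.ContextUser;

    // Use a hashing algorithm
    this.ObjectIdGroupId = ObjectIdGroupId.XCN_CRYPT_HASH_ALG_OID_GROUP_ID;
    this.ObjectIdPublicKeyFlags = ObjectIdPublicKeyFlags.XCN_CRYPT_OID_INFO_PUBKEY_ANY;
    this.AlgorithmFlags = AlgorithmFlags.AlgorithmFlagsNone;

    // Use SHA-2 with 512 bits
    this.AlgorithmName = "SHA512";
    this.EncodingType = EncodingType.XCN_CRYPT_STRING_BASE64;

    // Allow untrusted certificate to be installed.
    // NOTE(review): presumably needed for self-signed certificates; it also means the response
    // is not required to chain to a trusted root, so restrict it where a CA issues the response.
    this.InstallResponseRestrictionFlags = InstallResponseRestrictionFlags.AllowUntrustedCertificate;

    // No password set.
    // NOTE(review): if this value protects an exported key file, null leaves it unprotected;
    // confirm against the export code.
    this.Password = null;

    // Enable key to be exported, store it in the machine key set, and persist the key set
    // https://msdn.microsoft.com/en-us/library/system.security.cryptography.x509certificates.x509keystorageflags(v=vs.110).aspx
    // NOTE(review): MachineKeySet contradicts the user-context defaults above (MachineContext = false,
    // ContextUser); confirm which store is intended.
    this.ExportableFlags = X509KeyStorageFlags.Exportable | X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.PersistKeySet;
}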