private void CloneCertChain(Uri url, string destination) { IProxyClientFactory factory = proxyClientControl.Client; if (factory == null) { factory = new IpProxyClientFactory(); } ProxyClient client = factory.Create(new Logger()); collection = new X509Certificate2Collection(); using (IDataAdapter adapter = client.Connect(new IpProxyToken(null, url.Host, url.Port, IpProxyToken.IpClientType.Tcp, false), new Logger(), new Nodes.MetaDictionary(), new Nodes.MetaDictionary(), new PropertyBag(), new Security.CredentialsManagerService())) { DataAdapterToStream stm = new DataAdapterToStream(adapter); using (SslStream ssl = new SslStream(stm, false, VerifyCallback)) { ssl.AuthenticateAsClient(url.Host); } } if (collection.Count > 0) { File.WriteAllBytes(Path.Combine(destination, String.Format("certchain_{0}.pfx", url.Host)), collection.Export(X509ContentType.Pfx)); int count = 1; foreach (X509Certificate2 cert in collection) { string path = Path.Combine(destination, String.Format("cert_{0}_{1}.cer", url.Host, count++)); File.WriteAllText(path, CertificateUtils.ExportToPEM(cert) + CertificateUtils.ExportToPEM((RSA)cert.PrivateKey, null)); } } }
/// <summary> /// Export the given certificate collection as an UNSIGNED bundle /// </summary> /// <param name="certs">Certificates to place in the bundle</param> /// <returns>p7b data</returns> public static byte[] Create(X509Certificate2Collection certs) { return certs.Export(X509ContentType.Pkcs7); }
/// <summary> /// Export the given certificate collection as a SIGNED bundle /// </summary> /// <param name="certs">Certificates to place in the bundle</param> /// <param name="signingCert">Signing certificate</param> /// <returns>p7s data</returns> public static byte[] CreateSigned(X509Certificate2Collection certs, X509Certificate2 signingCert) { if (signingCert == null || !signingCert.HasPrivateKey) { throw new ArgumentException("signingCert"); } byte[] p7bData = certs.Export(X509ContentType.Pkcs7); SignedCms cms = new SignedCms(new ContentInfo(p7bData), false); CmsSigner signer = new CmsSigner(signingCert); signer.IncludeOption = X509IncludeOption.EndCertOnly; cms.ComputeSignature(signer, true); return cms.Encode(); }
/// <summary> /// Exports this store as a keyfile /// </summary> /// <param name="filePath">The path to which to export.</param> /// <param name="password">The password for the new keyfile</param> /// <param name="type">The <see cref="X509ContentType"/> for the new keyfile.</param> public void ExportKeyFile(string filePath, string password, X509ContentType type) { X509Certificate2Collection certs = new X509Certificate2Collection(); certs.Add(this); byte[] blob = certs.Export(type, password); System.IO.File.WriteAllBytes(filePath, blob); }