/// <summary>
/// Creates a certificate-authority certificate and writes it to <c>certs\AHROOT.pfx</c>.
/// </summary>
/// <param name="commonName">Name handed to the generator for the new CA certificate.</param>
/// <returns>
/// <c>true</c> when the certificate was generated and written; <c>false</c> when
/// <c>IsAdmin()</c> reports false, in which case nothing is generated or written.
/// </returns>
public bool GenerateCA(string commonName = "ah101CA")
{
    // The privilege check runs before any key material is created.
    bool callerIsAdmin = IsAdmin();

    if (callerIsAdmin)
    {
        X509Certificate2 authorityCertificate =
            CertificateGenerator.CreateCertificateAuthorityCertificate(commonName, null, null);

        // NOTE(review): the target is a relative path, so it resolves against the process
        // working directory. Confirm where the root PFX ends up, who can read it, and
        // whether WriteCertificate password-protects it. None of that is visible here.
        CertificateGenerator.WriteCertificate(authorityCertificate, "certs\\AHROOT.pfx");
    }

    return callerIsAdmin;
}
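/// <summary>
/// Generates a new certificate-authority certificate and saves it as a PFX/PKCS#12 file at
/// <c>CAStorePathInfo.CACertPathAndFileName</c>, creating <c>CAStorePathInfo.CACertPath</c>
/// first when it does not exist.
/// </summary>
/// <param name="name">Value for the CN component of the subject.</param>
/// <param name="organization">Value for the O component of the subject.</param>
/// <param name="organizationalUnit">Value for the OU component of the subject.</param>
/// <param name="city">Value for the L component of the subject.</param>
/// <param name="stateCode">Kept for interface compatibility; the ST component is not written into the subject.</param>
/// <param name="countryCode">Value for the C component of the subject.</param>
/// <param name="privateKeyPassword">
/// Password handed to the PFX export. With the default <c>null</c> the file is exported without a
/// password, so any private key in it is protected only by file-system permissions; callers that
/// persist a real CA should supply one.
/// </param>
/// <remarks>
/// An export or write failure is reported on the console only, so the caller cannot detect it
/// from this method.
/// </remarks>
public void GenerateNewCACertificate(String name, String organization = "AutoCA", String organizationalUnit = "IT Security", String city = "Tampa", String stateCode = "FL", String countryCode = "US", String privateKeyPassword = null)
{
    // CreateDirectory does nothing when the directory already exists, so no Exists check is needed.
    Directory.CreateDirectory(CAStorePathInfo.CACertPath);

    CertificateGenerator generator = new CertificateGenerator();

    // Subject components used: CN commonName, O organizationName, OU organizationalUnitName,
    // L localityName, C countryName. ST (stateOrProvinceName) is left out.
    // NOTE(review): the values are interpolated unescaped, so a ',', '+' or '=' inside an argument
    // changes the structure of the DN. Validate or escape them if they can come from user input.
    String subjectDN = $"CN={name},O={organization},OU={organizationalUnit},L={city},C={countryCode}";

    String[] subjectAlternativeNames = new String[0];

    // No extended key usages for a CA certificate.
    KeyPurposeID[] usages = new KeyPurposeID[0];

    // Dispose the certificate once it has been exported so its key handle is released promptly.
    using (X509Certificate2 certForCA = generator.CreateCertificateAuthorityCertificate(subjectDN, subjectAlternativeNames, usages).Certificate)
    {
        // Only the PFX/PKCS#12 form is written; the write is best-effort and reported on the console.
        try
        {
            File.WriteAllBytes(CAStorePathInfo.CACertPathAndFileName, certForCA.Export(X509ContentType.Pfx, privateKeyPassword));
            Console.WriteLine("PFX/PKCS12: SUCCESS");
        }
        catch (Exception exception)
        {
            Console.WriteLine("PFX/PKCS12: " + exception.Message);
        }
    }
}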
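/// <summary>
/// Manual smoke test: creates a CA certificate, saves it as a PFX under <c>C:\Data</c>, reloads it
/// together with its RSA private key, and issues three leaf certificates signed by that CA, timing
/// each step through <c>TimeIt</c>.
/// </summary>
/// <remarks>
/// NOTE(review): nothing is asserted, so the test fails only when a step throws. The password and
/// output paths are hard-coded fixture values and the files written contain private keys, so they
/// should be treated as throwaway test material.
/// </remarks>
public void GenerateSelfSignedCertificateWithValidArgs_ReturnsExpected()
{
    const String caPfxPath = @"C:\Data\cert-CA.pfx";
    const String testPassword = "test";

    String name = "unit-tester";
    String organization = "Division42 LLC";
    String organizationalUnit = "IT Security";
    String city = "Tampa";
    String countryCode = "US";

    CertificateGenerator instance = new CertificateGenerator();

    // Subject components used: CN commonName, O organizationName, OU organizationalUnitName,
    // L localityName, C countryName. ST (stateOrProvinceName) is left out.
    String subjectDN = $"CN={name},O={organization},OU={organizationalUnit},L={city},C={countryCode}";

    String[] subjectAlternativeNames = new String[0];
    KeyPurposeID[] usages = new[] { KeyPurposeID.AnyExtendedKeyUsage };

    TimeIt("Create CA", () =>
    {
        // Export as PKCS#12 to the same path that is loaded in the next step. Writing a
        // serialized-cert file under another name would leave that step reading whatever
        // cert-CA.pfx already happened to be on disk instead of the CA generated here.
        using (X509Certificate2 certForCA = instance.CreateCertificateAuthorityCertificate(subjectDN, subjectAlternativeNames, usages).Certificate)
        {
            File.WriteAllBytes(caPfxPath, certForCA.Export(X509ContentType.Pkcs12, testPassword));
        }
    });

    X509Certificate2 caCertFromFile = null;
    RSA caPrivateKeyFromFile = null;

    try
    {
        TimeIt("Get CA from file system", () =>
        {
            caCertFromFile = new X509Certificate2(caPfxPath, testPassword);
            caPrivateKeyFromFile = caCertFromFile.GetRSAPrivateKey();
        });

        for (int leafNumber = 1; leafNumber <= 3; leafNumber++)
        {
            // Declared inside the loop so each lambda captures its own copy.
            String leafName = "leaf" + leafNumber;

            // Each step gets its own label so the timings can be told apart.
            TimeIt("Generate Leaf" + leafNumber, () =>
            {
                String dnForLeaf = $"CN={leafName},O={organization},OU={organizationalUnit},L={city},C={countryCode}";

                using (X509Certificate2 certForLeaf = instance.IssueCertificate(dnForLeaf, caCertFromFile, caPrivateKeyFromFile, subjectAlternativeNames, usages).Certificate)
                {
                    File.WriteAllBytes($@"C:\Data\cert-{leafName}.pfx", certForLeaf.Export(X509ContentType.Pkcs12, testPassword));
                }
            });
        }
    }
    finally
    {
        // Release the CA key handle and certificate even when a step throws.
        caPrivateKeyFromFile?.Dispose();
        caCertFromFile?.Dispose();
    }

    // Pause for inspection only under a debugger; an unconditional Break() disrupts unattended runs.
    if (Debugger.IsAttached)
    {
        Debugger.Break();
    }
}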