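// Verifies that an application certificate stored in a password-protected
// directory store can only have its private key loaded with the correct
// password: a null password and a wrong password (passed directly or through
// a password provider) must both yield no key.
//
// The store lives under the temp directory and holds private key material,
// so the entry is deleted in a finally block. A failing assertion therefore
// does not leave the key behind on disk.
public async Task VerifyAppCertDirectoryStore()
{
    var appCertificate = GetTestCert();
    Assert.NotNull(appCertificate);
    Assert.True(appCertificate.HasPrivateKey);

    // Random per-run password used when adding the certificate to the store.
    string password = Guid.NewGuid().ToString();

    // pki directory root for app cert
    var pkiRoot = Path.GetTempPath() + Path.GetRandomFileName() + Path.DirectorySeparatorChar;
    var storePath = pkiRoot + "own";
    var storeType = CertificateStoreType.Directory;
    appCertificate.AddToStore(storeType, storePath, password);

    // Public-only copy, built from the raw certificate data.
    using (var publicKey = new X509Certificate2(appCertificate.RawData))
    {
        try
        {
            Assert.NotNull(publicKey);
            Assert.False(publicKey.HasPrivateKey);

            var id = new CertificateIdentifier() {
                Thumbprint = publicKey.Thumbprint,
                StorePath = storePath,
                StoreType = storeType
            };

            {
                // check no password fails to load
                var nullKey = await id.LoadPrivateKey(null).ConfigureAwait(false);
                Assert.IsNull(nullKey);
            }

            {
                // check invalid password fails to load
                var nullKey = await id.LoadPrivateKey("123").ConfigureAwait(false);
                Assert.IsNull(nullKey);
            }

            {
                // check invalid password supplied by a password provider fails to load
                var nullKey = await id.LoadPrivateKeyEx(new CertificatePasswordProvider("123")).ConfigureAwait(false);
                Assert.IsNull(nullKey);
            }

            // Only the password used for AddToStore may unlock the private key.
            var privateKey = await id.LoadPrivateKeyEx(new CertificatePasswordProvider(password)).ConfigureAwait(false);
            Assert.NotNull(privateKey);
            Assert.True(privateKey.HasPrivateKey);

            // Confirm the loaded private key belongs to the stored certificate.
            X509Utils.VerifyRSAKeyPair(publicKey, privateKey, true);
        }
        finally
        {
            // Always remove the stored certificate and key, including when an
            // assertion above has failed.
            using (ICertificateStore store = Opc.Ua.CertificateStoreIdentifier.CreateStore(storeType))
            {
                store.Open(storePath);
                await store.Delete(publicKey.Thumbprint).ConfigureAwait(false);
            }
        }
    }
}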