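/// <summary>
/// Releases the currently held root certificate authority, if any.
/// </summary>
/// <remarks>
/// The reference is cleared after disposal so that a second call to
/// <c>Dispose</c>, or a later <c>RootCA != null</c> check in another member,
/// never touches an already-disposed authority (and the private key it holds).
/// </remarks>
public void Dispose()
{
    if (RootCA == null)
    {
        return;
    }

    RootCA.Dispose();
    RootCA = null;
}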
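/// <summary>
/// Loads the root certificate authority (certificate plus private key) from a
/// PKCS#12 file protected with the instance's CA password.
/// </summary>
/// <param name="PKCS12Filename">Path of the PKCS#12 file to read.</param>
/// <remarks>
/// If the file does not exist, <c>RootCA</c> is left untouched. If the file
/// exists but cannot be read or parsed, <c>RootCA</c> is set to <c>null</c>;
/// no exception reaches the caller, so a wrong password, a corrupt file and an
/// I/O error are indistinguishable from here.
/// </remarks>
public void LoadCA(String PKCS12Filename)
{
    FileInfo caPkcs12 = new FileInfo(PKCS12Filename);
    if (!caPkcs12.Exists)
    {
        return;
    }

    try
    {
        Byte[] bPKCS12 = File.ReadAllBytes(caPkcs12.FullName);

        X509Certificate cert;

        // The PKCS#12 bytes are handed to the parser through an in-memory BIO.
        // NOTE(review): assumes FromPKCS12 does not keep a reference to the BIO
        // after it returns, so the BIO can be released right after parsing.
        using (BIO pkcs12BIO = BIO.MemoryBuffer())
        {
            pkcs12BIO.Write(bPKCS12);
            cert = X509Certificate.FromPKCS12(pkcs12BIO, this.caPassword);
        }

        // NOTE(review): the serial number source is seeded with 1 on every load.
        // If SimpleSerialNumber does not persist its state elsewhere, a reloaded
        // CA would reissue serial numbers it has already used - confirm.
        X509CertificateAuthority loaded = new X509CertificateAuthority(cert, cert.PrivateKey, new SimpleSerialNumber(1), cfg);

        // Swap only once the replacement is fully built, so a failure above
        // never leaves RootCA pointing at a disposed authority.
        if (RootCA != null)
        {
            RootCA.Dispose();
        }

        RootCA = loaded;
    }
    catch (Exception)
    {
        // Best-effort contract kept from the original: any failure leaves no CA
        // loaded. The previous authority is released instead of just dropped.
        if (RootCA != null)
        {
            RootCA.Dispose();
        }

        RootCA = null;
    }
}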
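/// <summary>
/// Creates a new self-signed root certificate authority (RSA 2048, SHA-256,
/// valid for ten years from now) and saves it as
/// <c>&lt;Name.Common&gt;.pfx</c> in the certificate directory, replacing any
/// file already stored under that name.
/// </summary>
/// <param name="Name">Subject name of the new CA; its common name also determines the file name.</param>
/// <remarks>
/// The new authority is generated before the old one is disposed and before
/// the old file is deleted, so a failure during key or certificate generation
/// leaves the existing CA and its file in place.
/// </remarks>
public void CreateCA(X509Name Name)
{
    // NOTE(review): the file name comes straight from Name.Common. If the name
    // can originate from an untrusted source, a value containing directory
    // separators or a rooted path would place the key file outside certDir
    // (Path.Combine returns the second argument when it is rooted). Validate
    // the common name before it reaches this method.
    FileInfo caPkcs12 = new FileInfo(Path.Combine(certDir.FullName, Name.Common + ".pfx"));

    // Read the clock once so the start date and the validity period are
    // computed from the same instant.
    DateTime now = DateTime.Now;

    // Create a root certificate authority which will have a self signed certificate.
    X509CertificateAuthority created = X509CertificateAuthority.SelfSigned(cfg, new SimpleSerialNumber(), CreateNewRSAKey(2048), MessageDigest.SHA256, Name, now, now.AddYears(10) - now);

    if (RootCA != null)
    {
        RootCA.Dispose();
    }

    RootCA = created;

    if (caPkcs12.Exists)
    {
        caPkcs12.Delete();
    }

    BuildPKCS12AndSave(caPkcs12.FullName, this.caPassword, RootCA.Key, RootCA.Certificate);
}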
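/// <summary>
/// Loads the root certificate authority from a PKCS#12 file and, when no
/// authority is available afterwards, creates a new self-signed one and saves
/// it to that same path.
/// </summary>
/// <param name="PKCS12Filename">Path of the PKCS#12 file to load from and, on creation, to save to.</param>
/// <param name="Name">Subject name used when a new CA has to be created.</param>
/// <param name="altNames">Optional subject alternative names for a newly created CA; may be <c>null</c>.</param>
/// <remarks>
/// A newly created CA is signed with SHA-256, matching <c>CreateCA</c>; the
/// original code used SHA-1 here. Its validity starts 24 hours in the past and
/// the validity period passed to <c>SelfSigned</c> is ten years.
/// </remarks>
public void LoadOrCreateCA(String PKCS12Filename, X509Name Name, subjectAltName altNames)
{
    FileInfo caPkcs12 = new FileInfo(PKCS12Filename);

    if (caPkcs12.Exists)
    {
        try
        {
            Byte[] bPKCS12 = File.ReadAllBytes(caPkcs12.FullName);

            X509Certificate cert;

            // The PKCS#12 bytes are handed to the parser through an in-memory BIO.
            // NOTE(review): assumes FromPKCS12 does not keep a reference to the
            // BIO after it returns, so it can be released right after parsing.
            using (BIO pkcs12BIO = BIO.MemoryBuffer())
            {
                pkcs12BIO.Write(bPKCS12);
                cert = X509Certificate.FromPKCS12(pkcs12BIO, this.caPassword);
            }

            // NOTE(review): the serial number source is seeded with 1 on every
            // load; confirm already-issued serial numbers cannot be reused.
            X509CertificateAuthority loaded = new X509CertificateAuthority(cert, cert.PrivateKey, new SimpleSerialNumber(1), cfg);

            // Swap only once the replacement is fully built.
            if (RootCA != null)
            {
                RootCA.Dispose();
            }

            RootCA = loaded;
        }
        catch
        {
            // Any load failure leaves no CA loaded; the previous authority is
            // released instead of just dropped.
            if (RootCA != null)
            {
                RootCA.Dispose();
            }

            RootCA = null;
        }
    }

    if (RootCA != null)
    {
        return;
    }

    // NOTE(review): this point is also reached when the file exists but could
    // not be read or decrypted (wrong password, corrupt file, transient I/O
    // error). A fresh CA is then generated and saved to the same path, which
    // presumably replaces the existing key material - confirm that silently
    // re-keying the CA is the intended reaction to a failed load.

    // NOTE(review): every extension below is created with its second argument
    // set to true. If that argument is the "critical" flag, RFC 5280 requires
    // subjectKeyIdentifier and authorityKeyIdentifier to be non-critical, and a
    // critical nsComment will be rejected by validators that do not recognise
    // it - confirm and adjust.
    X509V3ExtensionList ext = new X509V3ExtensionList();
    ext.Add(new X509V3ExtensionValue("nsComment", true, "SafeID - IAM Generated Certificate"));
    ext.Add(new X509V3ExtensionValue("basicConstraints", true, "CA:true"));
    //ext.Add(new X509V3ExtensionValue("keyUsage", true, "critical, cRLSign, keyCertSign, digitalSignature"));
    ext.Add(new X509V3ExtensionValue("subjectKeyIdentifier", true, "hash"));
    ext.Add(new X509V3ExtensionValue("authorityKeyIdentifier", true, "keyid,issuer:always"));

    if (altNames != null)
    {
        // NOTE(review): each alternative name is added as its own
        // subjectAltName extension, and the values are concatenated into the
        // extension string without validation. RFC 5280 allows only one
        // instance of an extension per certificate, and a value containing a
        // comma may be parsed as additional entries - confirm that callers only
        // pass vetted names.
        foreach (Uri u in altNames.Uri)
        {
            // Invariant lowercasing: the result must not depend on the current culture.
            ext.Add(new X509V3ExtensionValue("subjectAltName", true, "URI:" + u.AbsoluteUri.ToLowerInvariant()));
        }

        foreach (String m in altNames.Mail)
        {
            ext.Add(new X509V3ExtensionValue("subjectAltName", true, "email:" + m));
        }

        foreach (String s in altNames.Dns)
        {
            ext.Add(new X509V3ExtensionValue("subjectAltName", true, "DNS:" + s));
        }

        foreach (String s in altNames.Text)
        {
            ext.Add(new X509V3ExtensionValue("subjectAltName", true, "otherName:1.2.3.4;UTF8:" + s));
        }
    }

    // Read the clock once so the start date and the validity period are
    // computed from the same instant.
    DateTime now = DateTime.Now;

    RootCA = X509CertificateAuthority.SelfSigned(new SimpleSerialNumber(), CreateNewRSAKey(2048), MessageDigest.SHA256, Name, now.AddHours(-24), now.AddYears(10) - now, ext);

    BuildPKCS12AndSave(caPkcs12.FullName, this.caPassword, RootCA.Key, RootCA.Certificate);
}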