public static void RemoveCert( [Argument(Description = "The qualified host name used to created the certificate.")] string name ) { if (name.StartsWith("CN=") == false) { name = String.Format("CN={0}", name); } StringBuilder sbknown = new StringBuilder(); X509Certificate2 found = null; X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine); store.Open(OpenFlags.ReadWrite); try { foreach (X509Certificate2 cert in store.Certificates) { if (cert.Subject == name) { found = cert; } sbknown.AppendLine(cert.Subject); } if (found != null) { Console.WriteLine("Removing the following certificate:"); Console.WriteLine(); SslCertValidator.DebugDumpCertificate(found, Console.Out); Console.WriteLine(); Console.WriteLine("Are you sure you want to delete this? [y/n]"); if (Constants.IsUnitTest || 'y' == Console.ReadKey(true).KeyChar) { store.Remove(found); Console.WriteLine("Removed."); } else { Console.WriteLine("Aborted."); } } } finally { store.Close(); } if (found == null) { Console.WriteLine("Unable to locate '{0}' in:", name); Console.WriteLine(sbknown.ToString()); } }
public static void DumpCert( [Argument(Description = "The path to the certificate file to inspect.")] string file, [Argument(Description = "Optional password for the certificate file.", DefaultValue = null)] string password) { file = Path.GetFullPath(file); Console.WriteLine("File Path = {0}", file); X509Certificate2 cert = new X509Certificate2(file, password); SslCertValidator.DebugDumpCertificate(new X509Certificate(file, password), Console.Out); }
public static void FindCert( [Argument(Description = "The qualified host name used to created the certificate.")] string name ) { if (name.StartsWith("CN=") == false) { name = String.Format("CN={0}", name); } StringBuilder sbknown = new StringBuilder(); X509Certificate2 found = null; X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine); store.Open(OpenFlags.ReadWrite); try { foreach (X509Certificate2 cert in store.Certificates) { if (cert.Subject == name) { found = cert; } sbknown.AppendLine(cert.Subject); } if (found != null) { Console.WriteLine("Found the following certificate:"); Console.WriteLine(); SslCertValidator.DebugDumpCertificate(found, Console.Out); Console.WriteLine("SignatureAlgorithm = {0}", found.SignatureAlgorithm); Console.WriteLine("HasPrivateKey = {0}", found.HasPrivateKey); try { Console.WriteLine("PrivateKeySize = {0}", found.PrivateKey.KeySize); } catch (Exception e) { if (found.HasPrivateKey) { Console.Error.WriteLine(e); } } Console.WriteLine(); //always grants network service the right to this key string fqpath = CertUtils.GetKeyFileName(found); Console.WriteLine("Private Key File: {0}", fqpath); if (File.Exists(fqpath)) { FileSecurity fsec = new FileSecurity(fqpath, AccessControlSections.Access); foreach (FileSystemAccessRule r in fsec.GetAccessRules(true, false, typeof(NTAccount))) { Console.WriteLine(" {0,6} {1,32} {2}", r.AccessControlType, r.IdentityReference.Value, r.FileSystemRights); } } else { Console.WriteLine("File not found."); } } } finally { store.Close(); } if (found == null) { Console.WriteLine("Unable to locate '{0}' in:", name); Console.WriteLine(sbknown.ToString()); } }