示例#1
0
 private static X509Certificate Sign(CertificationRequestInfo csr, X509Certificate authority)
 {
     return(new X509Certificate {
         Tbs =
         {
             SignatureAlgorithm   = X509AlgorithmIdentifier.Sha256Rsa,
             Validity             = new X509Validity {
                 NotBefore        = DateTimeOffset.UtcNow,
                 NotAfter         = DateTimeOffset.UtcNow.AddDays(5)
             },
             Subject              = csr.Subject,
             SubjectPublicKeyInfo = csr.SubjectPublicKeyInfo
         },
     }.AddExtensions(csr.RequestedExtensions).SetIssuer(authority).GenerateSerialNumber().SetSubjectKeyIdentifier(csr.SubjectPublicKeyInfo.GenerateIdentifier()).SignWith(authority));
 }
示例#2
0
        private static X509Certificate GenerateIntermediateCertificate(X509Certificate root)
        {
            var intermediatePrivateKey = new RsaPrivateKey(2048);
            var csr = new CertificationRequestInfo {
                Subject = new X509Name {
                    CommonName   = "Intermediate CA",
                    Organization = "EasySSL"
                },
                SubjectPublicKeyInfo = intermediatePrivateKey.CreatePublicKey().GetSubjectPublicKeyInfo()
            }.SetBasicConstraint(new BasicConstraintExtension {
                Authority            = true,
                PathLengthConstraint = 2
            }).SetAuthorityInfoAccess(new AuthorityInfoAccessExtension {
                Methods =
                {
                    new AuthorityAccessDescription {
                        Url = "http://ssl.vcap.me/ca.crt"
                    }
                }
            });

            return(Sign(csr, root).SetPrivateKey(intermediatePrivateKey));
        }