Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/ssl/3.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181

Warning: file_get_contents(/data/phpspider/zhask/data//catemap/7/jsf/5.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
如何使用C#(Mono/Xamarin)中的Bouncy Castle导入签名SSL证书?_C#_Ssl_Mono_Xamarin_Bouncycastle - Fatal编程技术网
Fatal编程技术网
  • csharp/
  • 如何使用C#(Mono/Xamarin)中的Bouncy Castle导入签名SSL证书?

如何使用C#(Mono/Xamarin)中的Bouncy Castle导入签名SSL证书?

c# ssl mono xamarin

如何使用C#(Mono/Xamarin)中的Bouncy Castle导入签名SSL证书?,c#,ssl,mono,xamarin,bouncycastle,C#,Ssl,Mono,Xamarin,Bouncycastle,我使用Bouncy Castle生成私钥和PKCS10 CSR,然后将其发送到远程服务器进行签名。我得到一个标准的base64编码的签名SSL证书作为字符串响应。问题是,如何从字符串导入签名证书,然后将私钥和签名证书保存为PKCS12(.PFX)文件 此外,如何将CA证书捆绑到PFX文件中 // Generate the private/public keypair RsaKeyPairGenerator kpgen = new RsaKeyPairGenerator (); CryptoApi

我使用Bouncy Castle生成私钥和PKCS10 CSR,然后将其发送到远程服务器进行签名。我得到一个标准的base64编码的签名SSL证书作为字符串响应。问题是,如何从字符串导入签名证书,然后将私钥和签名证书保存为PKCS12(.PFX)文件

此外,如何将CA证书捆绑到PFX文件中

// Generate the private/public keypair
RsaKeyPairGenerator kpgen = new RsaKeyPairGenerator ();
CryptoApiRandomGenerator randomGenerator = new CryptoApiRandomGenerator ();
kpgen.Init (new KeyGenerationParameters (new SecureRandom (randomGenerator), 2048));
AsymmetricCipherKeyPair keyPair = kpgen.GenerateKeyPair ();

// Generate the CSR
X509Name subjectName = new X509Name ("CN=domain.com/name=Name");
Pkcs10CertificationRequest kpGen = new Pkcs10CertificationRequest ("SHA256withRSA", subjectName, keyPair.Public, null, keyPair.Private);
string certCsr = Convert.ToBase64String (kpGen.GetDerEncoded ());

// ** certCsr is now sent to be signed  **
// ** let's assume that we get "certSigned" in response, and also have the CA **
string certSigned = "[standard signed certificate goes here]";
string certCA = "[standard CA certificate goes here]";

// Now how do I import certSigned and certCA
// Finally how do I export everything as a PFX file?
Bouncy Castle是一个功能非常强大的库,但是由于缺乏文档,使用起来非常困难。在对所有的类和方法进行了太长时间的搜索之后,我终于找到了我想要的。以下代码将获取先前生成的私钥,将其与签名证书和CA捆绑在一起,然后将其另存为.PFX文件:

// Import the signed certificate
X509Certificate signedX509Cert = new X509CertificateParser ().ReadCertificate (Encoding.UTF8.GetBytes (certSigned));
X509CertificateEntry certEntry = new X509CertificateEntry (signedX509Cert);

// Import the CA certificate
X509Certificate signedX509CaCert = new X509CertificateParser ().ReadCertificate (Encoding.UTF8.GetBytes (certCA ));
X509CertificateEntry certCaEntry = new X509CertificateEntry (signedX509CaCert);

// Prepare the pkcs12 certificate store
Pkcs12Store store = new Pkcs12StoreBuilder ().Build ();

// Bundle together the private key, signed certificate and CA
store.SetKeyEntry (signedX509Cert.SubjectDN.ToString () + "_key", new AsymmetricKeyEntry (keyPair.Private), new X509CertificateEntry[] {
    certEntry,
    certCaEntry
});

// Finally save the bundle as a PFX file
using (var filestream = new FileStream (@"CertBundle.pfx", FileMode.Create, FileAccess.ReadWrite)) {
    store.Save (filestream, "password".ToCharArray (), new SecureRandom ());
}
欢迎反馈和改进

但是你需要CA证书或任何中间证书来完成这项工作吗?