ARTICLE AD BOX
Here I create a CSR:
var cspParams = new CspParameters { Flags = CspProviderFlags.UseMachineKeyStore }; using (var rsa = new RSACryptoServiceProvider(2048, cspParams)) { var csr = new CertificateRequest($"CN={subjectName}", rsa, HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1); csr.CertificateExtensions.Add( new X509KeyUsageExtension( X509KeyUsageFlags.DigitalSignature | X509KeyUsageFlags.NonRepudiation | X509KeyUsageFlags.KeyEncipherment | X509KeyUsageFlags.DataEncipherment, false)); csr.CertificateExtensions.Add(new X509EnhancedKeyUsageExtension(new OidCollection { new Oid("1.3.6.1.5.5.7.3.2") }, false)); return Convert.ToBase64String(csr.CreateSigningRequest()); }Then I sign it and send it to CA getting the certificate. Next I put it into a store:
using (X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine)) { store.Open(OpenFlags.ReadWrite); store.Add(cert); }And now certificate doesn't have its private key. How can I put it into the store only with its private key?
Previously the code was using IX509Enrollment for it but now I need to migrate from it.
19.4k12 gold badges68 silver badges119 bronze badges
1
