没有私人密钥导出X.509证书(.NET C#) [英] Exporting X.509 certificate WITHOUT private key (.NET C#)
问题描述
我想这将是简单,但显然事实并非如此。我已经安装了证书,具有私钥,导出,我想以编程方式用公钥唯一的出口。换句话说,我想等同于certmgr出口和出口,以.CER时,选择不导出私钥的结果。
I thought this would be straightforward but apparently it isn't. I have a certificate installed that has a private key, exportable, and I want to programmatically export it with the public key ONLY. In other words, I want a result equivalent to selecting "Do not export the private key" when exporting through certmgr and exporting to .CER.
似乎所有的X509Certificate2.Export方法如果存在将导出私钥,作为PKCS#12,这是我想要的相反
It seems that all of the X509Certificate2.Export methods will export the private key if it exists, as PKCS #12, which is the opposite of what I want.
有没有使用C#来完成这个任何方式,或者我需要开始挖掘到CAPICOM?
Is there any way using C# to accomplish this, or do I need to start digging into CAPICOM?
谢谢
亚伦
推荐答案
有关其他人谁可能无意中发现了这一点,我想它了。如果指定 X509ContentType.Cert
作为第一个(也是唯一一个)参数 X509Certificate.Export
,它只是出口公众键。在另一方面,指定 X509ContentType.Pfx
包括私钥(如果存在)。
For anyone else who might have stumbled on this, I figured it out. If you specify X509ContentType.Cert
as the first (and only) parameter to X509Certificate.Export
, it only exports the public key. On the other hand, specifying X509ContentType.Pfx
includes the private key if one exists.
我可以发誓,我是看到不同的行为,上周,但已经安装了私钥我必须已经在我的测试。当我今天删除了证书,并从头开始,我看到有在导出的证书没有私有密钥。
I could have sworn that I was seeing different behaviour last week, but I must have already had the private key installed when I was testing. When I deleted that certificate today and started again from scratch, I saw that there was no private key in the exported cert.
这篇关于没有私人密钥导出X.509证书(.NET C#)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!