没有私人密钥导出X.509证书(.NET C#) [英] Exporting X.509 certificate WITHOUT private key (.NET C#)
问题描述
我想这将是简单,但显然事实并非如此。我已经安装了证书,具有私钥,导出,我想以编程方式用公钥唯一的出口。换句话说,我想等同于certmgr出口和出口,以.CER时,选择不导出私钥的结果。
I thought this would be straightforward but apparently it isn't. I have a certificate installed that has a private key, exportable, and I want to programmatically export it with the public key ONLY. In other words, I want a result equivalent to selecting "Do not export the private key" when exporting through certmgr and exporting to .CER.
似乎所有的X509Certificate2.Export方法如果存在将导出私钥,作为PKCS#12,这是我想要的相反
It seems that all of the X509Certificate2.Export methods will export the private key if it exists, as PKCS #12, which is the opposite of what I want.
有没有使用C#来完成这个任何方式,或者我需要开始挖掘到CAPICOM?
Is there any way using C# to accomplish this, or do I need to start digging into CAPICOM?
谢谢
亚伦
推荐答案
有关其他人谁可能无意中发现了这一点,我想它了。如果指定 X509ContentType.Cert 作为第一个(也是唯一一个)参数 X509Certificate.Export ,它只是出口公众键。在另一方面,指定 X509ContentType.Pfx 包括私钥(如果存在)。
For anyone else who might have stumbled on this, I figured it out. If you specify X509ContentType.Cert as the first (and only) parameter to X509Certificate.Export, it only exports the public key. On the other hand, specifying X509ContentType.Pfx includes the private key if one exists.
我可以发誓,我是看到不同的行为,上周,但已经安装了私钥我必须已经在我的测试。当我今天删除了证书,并从头开始,我看到有在导出的证书没有私有密钥。
I could have sworn that I was seeing different behaviour last week, but I must have already had the private key installed when I was testing. When I deleted that certificate today and started again from scratch, I saw that there was no private key in the exported cert.
这篇关于没有私人密钥导出X.509证书(.NET C#)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
