解决方法
嗯.
最后我使用了Bouncy Castle dll来创建证书.使用这个,有一种设置发行者名称的方法.
这是生成x509Certificate并存储到Trusted People商店的完整代码:
private X509Certificate2 GeneratePFXFile(string certificate,string company,string email,string state,string locality,string username,string country)
{
X509Certificate2 cert = null;
try
{
var kpgen = new RsaKeyPairGenerator();
kpgen.Init(new KeyGenerationParameters(new SecureRandom(new CryptoApiRandomGenerator()),2048));
var kp = kpgen.GenerateKeyPair();
var gen = new X509V3CertificateGenerator();
var certName = new X509Name("CN=" + certificate);
var issuer = new X509Name("C="+country+",O="+company+",OU=LBC Mundial Corp.USA,E="+email+",L="+locality+",ST="+state);
var serialNo = BigInteger.ProbablePrime(120,new Random());
gen.SetSerialNumber(serialNo);
gen.SetSubjectDN(certName);
gen.SetIssuerDN(issuer);
gen.SetNotAfter(DateTime.Now.AddYears(50));
gen.SetNotBefore(DateTime.Now);
gen.SetSignatureAlgorithm("MD5WithRSA");
gen.SetPublicKey(kp.Public);
gen.AddExtension(
X509Extensions.AuthorityKeyIdentifier.Id,false,new AuthorityKeyIdentifier(
SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(kp.Public),new GeneralNames(new GeneralName(certName)),serialNo));
gen.AddExtension(
X509Extensions.ExtendedKeyUsage.Id,new ExtendedKeyUsage(new ArrayList() { new DerObjectIdentifier("1.3.6.1.5.5.7.3.1") }));
var newCert = gen.Generate(kp.Private);
byte[] pfx = DotNetUtilities.ToX509Certificate(newCert).Export(System.Security.Cryptography.X509Certificates.X509ContentType.Pfx,(string)null);
X509Store store = new X509Store((StoreName)StoreName.TrustedPeople,(StoreLocation)StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadWrite);
cert = new X509Certificate2(pfx,(string)null,X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.MachineKeySet);
store.Add(cert);
store.Close();
}
catch (Exception ex)
{
ShowError(ex.Message);
return null;
}
return cert;
}
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 [email protected] 举报,一经查实,本站将立刻删除。
