I found this other SO question that put me on the right track. Certificates API was added to .Net Core on 2.0 version. I have a function like the next one to create self signed certificates that I later import into My store to use them on IIS. private X509Certificate2 buildSelfSignedServerCertificate() { SubjectAlternativeNameBuilder sanBuilder = … Read more
You’re not waiting on a task with an OnlyOnFaulted continuation – you’re waiting on that continuation (returned by ContinueWith). The continuation is never going to fire because the original task returned normally, so it’s acting as if it were cancelled. Makes sense to me. I suspect you want to create the task, add the continuation, … Read more
A little clarification about your mentioned file types: .cer-files are X.509 Certificates .pfx-files are encrypted X.509 Certificates using a password-based symmetric key, also see PKCS #12 (Wikipedia) .snk-files only contain the RSA key (public/private or public only) It doesn’t matter if you sign an assembly using .pfx-files or .snk-files, it will get strong named either … Read more
As explained here, you can review the information of the certificate before import it using: certutil -dump YourCertificate.pfx If you want to run this from Visual Studio you can do this: Go to Tools > External Tools > Add Set the required info: Name=CertUtil Command=C:\Windows\System32\certutil.exe Arguments=-p YourPass -dump $(ItemPath). Check Use output window. With this … Read more
The .pfx is used at the temporary code certificate to sign your app for deployment to your machine so you can debug. You can remove it, but a new temporary key will need to be generated (via the Packaging tab in the package.appxmanifest dialog). I always leave it in the code I post since it … Read more
Use the local computer store for the private key: X509Certificate2 cert = new X509Certificate2(“myhost.pfx”, “pass”, X509KeyStorageFlags.MachineKeySet); MachineKeySet is described as “private keys are stored in the local computer store rather than the current user store”. The default with no flags is to place in the user store. Even though you are reading the certificate from … Read more
Another perspective for doing it on Linux… here is how to do it so that the resulting single file contains the decrypted private key so that something like HAProxy can use it without prompting you for passphrase. openssl pkcs12 -in file.pfx -out file.pem -nodes Then you can configure HAProxy to use the file.pem file. This … Read more
PFX files are PKCS#12 Personal Information Exchange Syntax Standard bundles. They can include arbitrary number of private keys with accompanying X.509 certificates and a certificate authority chain (set certificates). If you want to extract client certificates, you can use OpenSSL’s PKCS12 tool. openssl pkcs12 -in input.pfx -out mycerts.crt -nokeys -clcerts The command above will output … Read more
I was running into this problem as well. I was able to resolve the issue by running sn -i <KeyFile> <ContainerName> (installs key pair into a named container). sn is usually installed as part of a Windows SDK. For example C:\Program Files (x86)\Microsoft SDKs\Windows\v8.0A\bin\NETFX 4.0 Tools\sn.exe. Most likely this location is not on the search … Read more