I found this other SO question that put me on the right track. Certificates API was added to .Net Core on 2.0 version. I have a function like the next one to create self signed certificates that I later import into My store to use them on IIS. private X509Certificate2 buildSelfSignedServerCertificate() { SubjectAlternativeNameBuilder sanBuilder = … Read more
Do you have PKCS#12 or just PFX-file? In the Microsoft world it is the same, but other think another (see this archived page). You can try just following X509Certificate2 cert = X509Certificate2(byte[] rawData, “password”); X509Certificate2 cert2 = X509Certificate2(byte[] rawData, “password”, X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable); (X509Certificate2(Byte[])) or X509Certificate2 cert = X509Certificate2(“C:\Path\my.pfx”, “password”); (see X509Certificate2(String, String) … Read more
One of things that comes to my mind is the identity of your app pool, make sure that the Load user profile is turned on otherwise the crypto subsystem does not work.
Perhaps /// <summary> /// Export a certificate to a PEM format string /// </summary> /// <param name=”cert”>The certificate to export</param> /// <returns>A PEM encoded string</returns> public static string ExportToPEM(X509Certificate cert) { StringBuilder builder = new StringBuilder(); builder.AppendLine(“—–BEGIN CERTIFICATE—–“); builder.AppendLine(Convert.ToBase64String(cert.Export(X509ContentType.Cert), Base64FormattingOptions.InsertLineBreaks)); builder.AppendLine(“—–END CERTIFICATE—–“); return builder.ToString(); }