2

Edit:

Turns out that Bouncy Castle is fully managed. This question explains how to create a .pfx file with a private and public part of the certificate.

For an application that I'm writing in C# (targeting .net Standard 2.0/.net Core 2.x), I want to create X509Certificates with a private key, basically a self-signed HTTPS certificate with RSA and SHA256 or SHA512.

I know how to do this through the Windows API with CertCreateSelfSignCertificate from Crypt32.dll, but I wonder if there is a 100% managed solution for this?

This is for dev use, so the fact that the cert isn't trusted is no issue. I don't want to execute an external application (openssl), and even though .net Core has some native crypto bindings, I'm looking for fully managed.

Michael Stum
  • 177,530
  • 117
  • 400
  • 535
  • CertificateRequest (in the linked answer) is part of .NET Core 2.0. There's no (inbox) pure managed solution for .NET Standard 2.0 or .NET Framework 4.7. – bartonjs Feb 05 '18 at 04:06
  • If it's for dev use and you don't mind it not being trusted, then why bother with c#-created certs? Create them externally via a tool. For that matter, why bother with certs at all? Sounds like it is going to be running on a trusted, non-public environment anyway? –  Feb 05 '18 at 04:49
  • @MickyD In this case, it's not for HTTPS cert but to prototype and test a certificate-based encryption protocol. So I need certificates, and I need to dynamically create them for each test. – Michael Stum Feb 05 '18 at 06:00
  • No problem good sir –  Feb 05 '18 at 06:06
  • 1
    CertificateRequest is available now in an early access build of .NET 4.7.2: https://blogs.msdn.microsoft.com/dotnet/2018/02/05/announcing-net-framework-4-7-2-early-access-build-3052/ – bartonjs Feb 05 '18 at 23:16

0 Answers0