Extract file .cer and file .key from a pfx certificate

Question

I use this code to create the .key files starting from a .pfx certificate and everything works fine.

            ////////////////////////////////////////////Create file .key

            string cParK = " pkcs12 -in certificate.pfx -out certificate.key -nocerts -nodes -nomacver -password pass:" + cPass;

            System.Diagnostics.ProcessStartInfo startInfo2 = new System.Diagnostics.ProcessStartInfo("openssl.exe", cParK);
            startInfo2.WindowStyle = System.Diagnostics.ProcessWindowStyle.Hidden;
            startInfo2.CreateNoWindow = true;

            System.Diagnostics.Process oProcess2 = System.Diagnostics.Process.Start(startInfo2);
            oProcess2.StartInfo.CreateNoWindow = true;
            oProcess2.WaitForExit();

Is there any way to create the same files without using openssl but only c #?

Yes. Open SSL is creating an xml certificate that is signed. You can create same in c# code provided the encryption mode is supported in your version of windows. — jdweng, Sep 16 '20 at 14:46

score 0 · Accepted Answer · answered Sep 17 '20 at 10:00

0

As for the first question, I also found the solution for exporting the key, perhaps it will also be useful for those who said it was not easy, instead it is very easy. Just follow this post. Solution of the problem

answered Sep 17 '20 at 10:00

Frank

69
15

Frank · Answer 2 · 2020-09-16T15:14:14.377

-1

For now I have found a way to extract the .cer file:

        System.Security.Cryptography.X509Certificates.X509Certificate2 oCert =
        new System.Security.Cryptography.X509Certificates.X509Certificate2("certificate.pfx", "123456");

        Byte[] aCert = oCert.Export(System.Security.Cryptography.X509Certificates.X509ContentType.Cert);
        File.WriteAllBytes("certificato.cer", aCert);

(I deleted this part of the original question)

edited Sep 16 '20 at 15:14

answered Sep 16 '20 at 14:53

Frank

69
15

downvoted because this answer doesn't do what OP asks. This answer extracts only public certificate, but OP needs to get a PKCS#1/8 private key. There is no straight-forward way to do this in .NET. – Crypt32 Sep 16 '20 at 17:53
Before removing votes, perhaps it was better to read and understand: (I deleted this part of the original question) Was the MY question! – Frank Sep 17 '20 at 06:10
Then you asked one question and answered to another. Question was about .key file which stands for private key file. Code snippet proves this. – Crypt32 Sep 17 '20 at 07:36

Extract file .cer and file .key from a pfx certificate

2 Answers2