如何在C＃中创建X509Certificate2时更改颁发者名称

Question

I am working with creating X509Certificate2 certificate in my C#.net application. 我正在使用我的C＃.net应用程序创建X509Certificate2证书。 While creating certificate, how to set the issuer name? 在创建证书时，如何设置颁发者名称？ currently issuer name shows same as subject name. 当前颁发者名称显示与主题名称相同。

Please help. 请帮忙。

Answer 1

Hmm. 嗯。

Finally I have used Bouncy Castle dll to create certificates.Using this, there is a method to set issuer name. 最后我使用了Bouncy Castle dll来创建证书。使用这个，有一种设置发行者名称的方法。

This is the fully code to generate x509Certificate and to store into Trusted People store: 这是生成x509Certificate并存储到Trusted People商店的完整代码：

 private X509Certificate2 GeneratePFXFile(string certificate,string company,string   email,string state,string locality,string username,string country)
    {
        X509Certificate2 cert = null;
        try
        {
            var kpgen = new RsaKeyPairGenerator();

            kpgen.Init(new KeyGenerationParameters(new SecureRandom(new CryptoApiRandomGenerator()), 2048));

            var kp = kpgen.GenerateKeyPair();

            var gen = new X509V3CertificateGenerator();

            var certName = new X509Name("CN=" + certificate);
            var issuer = new X509Name("C="+country+",O="+company+",OU=LBC Mundial Corp.USA,E="+email+",L="+locality+",ST="+state);
            var serialNo = BigInteger.ProbablePrime(120, new Random());

            gen.SetSerialNumber(serialNo);
            gen.SetSubjectDN(certName);
            gen.SetIssuerDN(issuer);
            gen.SetNotAfter(DateTime.Now.AddYears(50));
            gen.SetNotBefore(DateTime.Now);
            gen.SetSignatureAlgorithm("MD5WithRSA");
            gen.SetPublicKey(kp.Public);

            gen.AddExtension(
                X509Extensions.AuthorityKeyIdentifier.Id,
                false,
                new AuthorityKeyIdentifier(
                    SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(kp.Public),
                    new GeneralNames(new GeneralName(certName)),
                    serialNo));

            gen.AddExtension(
                X509Extensions.ExtendedKeyUsage.Id,
                false,
                new ExtendedKeyUsage(new ArrayList() { new DerObjectIdentifier("1.3.6.1.5.5.7.3.1") }));

            var newCert = gen.Generate(kp.Private);
            byte[] pfx = DotNetUtilities.ToX509Certificate(newCert).Export(System.Security.Cryptography.X509Certificates.X509ContentType.Pfx, (string)null);

            X509Store store = new X509Store((StoreName)StoreName.TrustedPeople, (StoreLocation)StoreLocation.LocalMachine);
            store.Open(OpenFlags.ReadWrite);

            cert = new X509Certificate2(pfx,(string)null, X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.MachineKeySet);

            store.Add(cert);
            store.Close();
        }
        catch (Exception ex)
        {
            ShowError(ex.Message);
            return null;
        }
        return cert;
    }

如何在C＃中创建X509Certificate2时更改颁发者名称

问题描述

1 个解决方案

解决方案1
1 已采纳 2013-07-31 05:48:14

如何在C＃中创建X509Certificate2时更改颁发者名称

问题描述

1 个解决方案

解决方案1 1 已采纳 2013-07-31 05:48:14

解决方案1
1 已采纳 2013-07-31 05:48:14