[英]How can I temporarily add/trust a certificate authority for my program?
Our program needs to work with a third party certificate that was provided by a partner. 我们的程序需要使用合作伙伴提供的第三方证书。 This certificate requires we install a certificate authority that was also provided to us before connecting to the client server.
此证书要求我们安装一个证书颁发机构,该证书颁发机构在连接到客户端服务器之前也已提供给我们。 Essentially we have to work with a self signed certificate.
本质上,我们必须使用自签名证书。
The application is written in C#. 该应用程序用C#编写。 I could just instruct end users on how to install a certificate authority before running our application but ideally I'd like to just temporarily add/trust the certificate authority .pfx file and embed that file as a resource in the .exe.
我可以在运行我们的应用程序之前指导最终用户如何安装证书颁发机构,但理想情况下,我只是临时添加/信任证书颁发机构.pfx文件并将该文件作为资源嵌入.exe中。
Does anybody have an idea? 有人有主意吗?
My first thought (as mentioned in the comments) would be to use Process.Start() inside of a #if DEBUG conditional compilation (or use your own custom variable) to run certutil. 我的第一个想法(如评论中所述)是在#if DEBUG条件编译中使用Process.Start()(或使用您自己的自定义变量)来运行certutil。 See this article for how to install the third party CA with certutil: http://support.microsoft.com/kb/295663
请参阅本文以了解如何使用certutil安装第三方CA: http : //support.microsoft.com/kb/295663
To import a CA certificate into the Enterprise NTAuth store, follow these steps: Export the certificate of the CA to a .cer file.
要将CA证书导入到Enterprise NTAuth存储中,请按照下列步骤操作:将CA的证书导出到.cer文件。 The following file formats are supported: DER encoded binary X.509 (.cer) Base-64 encoded X.509 (.cer) At a command prompt, type the following command, and then press ENTER: certutil -dspublish -f filename NTAuthCA
支持以下文件格式:DER编码的二进制X.509(.cer)Base-64编码的X.509(.cer)在命令提示符下,键入以下命令,然后按Enter:certutil -dspublish -f filename NTAuthCA
Process.Start() documentation: Process.Start()文档:
http://msdn.microsoft.com/en-us/library/system.diagnostics.process.start(v=vs.110).aspx http://msdn.microsoft.com/zh-CN/library/system.diagnostics.process.start(v=vs.110).aspx
You could also just write a bacth file to install and uninstall and include it in your source control or project with a readme. 您也可以编写一个bacth文件来安装和卸载,并将其包含在自述文件或源代码控制或项目中。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.