在x509certificate2中清空PrivateKey
[英]Empty PrivateKey in x509certificate2
问题描述
I have installed certificate on local machine store (win7) with private key. 
我已使用私钥在本地计算机商店(win7)上安装了证书。 In c# code I do that: 在c#代码中我这样做:
X509Certificate2 cert = null;
var store = new X509Store(storeName, storeLocation);
store.Open(OpenFlags.ReadOnly);
try
{
var result = store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, false);
ServicePointManager.Expect100Continue = true;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls;
ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };
cert = result.Count > 0
? result[0]
: null;
}
finally
{
store.Close();
}
return cert;
In cert variable I have my certificate BUT something wrong with it: HasPrivateKey is true but PrivateKey has no any object. 在cert变量中,我有我的证书但是它有问题:HasPrivateKey是真的但是PrivateKey没有任何对象。 And if I send it with REST request in C# code of my web application I have errors: 如果我使用我的Web应用程序的C#代码中的REST请求发送它我有错误:
AcquireCredentialsHandle() failed with error 0X8009030D.
The request was aborted: Could not create SSL/TLS secure channel.
All rights is granted for certificate in store. 商店中的证书授予所有权利。 Please help with it, what is wrong? 请帮帮忙,有什么不对?
Certutil result in Russian (I hide secure info with "***"): Certutil导致俄语(我用“***”隐藏安全信息):
certutil -store my "cf 35 63 34 14 30 a0 32 ca 4a 58 b9 7a 7a ab 18 a4 47 7d a4"
================ Сертификат 0 ================
Серийный номер: 100030
Поставщик: ******************************
NotBefore: 07.07.2015 5:00
NotAfter: 24.12.2023 4:59
Субъект: ********************************
Не корневой сертификат
Шаблон:
Хеш сертификата(sha1): cf 35 63 34 14 30 a0 32 ca 4a 58 b9 7a 7a ab 18 a4 47 7d a4
Контейнер ключа = 94c3b04b44d51674a1b7de89c10bd7d7_09614f03-cc81-44e6-a978-81773242876c
Простое имя контейнера: CertReq-ceda22d5-2893-496a-b8c1-5c9ceaed82f1
Поставщик = Microsoft Strong Cryptographic Provider
Тест шифрования пройден
1 个解决方案
解决方案1
0 已采纳 2015-07-08 11:03:06
I've figured the problem. 我发现了这个问题。 I deleted certificate from machine store, then export installed cerificate from current user store to .pfx file and import it in machine store. 我从机器商店删除了证书,然后将安装的证书从当前用户商店导出到.pfx文件,并将其导入机器商店。 Now PrivateKey has object. 现在PrivateKey有了对象。 Onse more step, I changed protocol type from Tls to Tls12(works for Win7+): 更多的步骤,我将协议类型从Tls更改为Tls12(适用于Win7 +):
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.