堆栈内存溢出
  简体   繁体   English

从X509Store获取X509证书时提示用户输入密码?

[英]Prompt user for password when grabbing X509Certificate from X509Store?

 原文  2009-07-31 12:23:06       c#/ x509certificate2

问题描述

I have a C# form (running on the client machine) which gathers all the user X509Certificates from the store, presents them to the user so they can pick the one they want to use. 我有一个C#表单(在客户端计算机上运行),该表单从商店中收集了所有用户X509证书,并将它们呈现给用户,以便他们可以选择要使用的X509证书。 Then I pass the cert off to a webservice to do some work. 然后,我将证书传递给Web服务以进行一些工作。 This all works great! 这一切都很棒! Problem is, the user is never prompted for the X509Certificate password? 问题是,永远不会提示用户输入X509证书密码吗? I can't find a method to "check password" once I have the X509Certificate from the store. 从商店获得X509Certificate后,我找不到“检查密码”的方法。 I also thought about using the X509Certificate constructor, which needs the path and password, but I don't see a method to get the file path and name from the X509Certificate I grabbed from the store? 我还考虑过使用X509Certificate构造函数,该构造函数需要路径和密码,但是我没有看到一种方法来从我从商店中获取的X509Certificate中获取文件路径和名称? Is it secure to just grab the certificate from the store and not ask for the user's password? 仅从商店中获取证书而不要求输入用户密码是否安全?

This is how I'm grabbing from the store: 这是我从商店抢购的方式: 

X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
store.Open(OpenFlags.ReadOnly);
for (int i = 0; i < store.Certificates.Count; i++) 
{
    X509Certificate c = store.Certificates[i];
    ...//add to GUI for user to pick here....
}

Thanks for any help, Steve 感谢您的帮助,史蒂夫

2 个解决方案

解决方案1
 0  2009-07-31 12:28:11

If you choose to use a certificate from cryptographic device like eToken or SmartCard you will be automatically prompted to enter the password (password for the device, not certificate). 如果您选择使用来自加密设备(例如eToken或SmartCard)的证书,系统将自动提示您输入密码(设备的密码,而不是证书)。 In other cases I don't think you should care about it. 在其他情况下,我认为您不应该关心它。 You can easily access the local store without any passwords in Windows, so why would you pass-protect them in the app. 在Windows中,您无需任何密码即可轻松访问本地存储,因此为什么要在应用程序中对其进行密码保护。

解决方案2
 0  2009-07-31 12:43:04

it depends wether the certificate's private key is protected by a password or not. 这取决于证书的私钥是否受密码保护。 If you accecss such a certificate from the store, windows should prompt you to enter it. 如果您从商店中访问了此类证书,则窗口应提示您输入该证书。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 X509Certificate IssuedTo / IssuedBy供用户从X509Store显示 - X509Certificate IssuedTo / IssuedBy for user display from X509Store 使用来自当前用户商店的 x509 证书签署 pdf - Sign a pdf with x509certificate from current user store 无法将证书添加到 X509Store - Unable to Add certificate to X509Store 上传到Azure网站时,不在X509Store中的SSL证书 - SSL Certificate not in X509Store when uploaded to Azure Website 如何从 X509Store 加载受密码保护的证书? - how to load password protected certificates from the X509Store? X509证书和XmlDsig - X509Certificate and XmlDsig 重复的X509证书 - Duplicated X509Certificate 撤销X509证书 - Revoked X509Certificate 显示X509Certificate,其链元素不在证书库中 - Display X509Certificate with chain elements not in certificate store X509商店位置与商店? - X509Store Location versus Store?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM