I'm trying to import certificate (smime) with extension .p7b to windows store.
This is the current code
X509Certificate2 cert = new X509Certificate2(@"C:\test_public_cert.p7b");
X509Store store = new X509Store(StoreName.AddressBook, StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadWrite);
store.Add(cert);
It gave me an error that "Cannot find the original signer".
Remark: This code is working with .cer extensions (DER & Base 64).
Anyone please help to identify the possible root clause?
Thanks.
PS. VS2010, Windows Server 2008 R2
Edit1: test_public_cert.p7b was exported from public key on another server via mmc console.
I encountered this problem in the past with the .p7b extension. There are two ways I found you can solve this. In the end I ended up using number 1. Number 2 is something you already found out by exporting to a .cer. You can also try to use option 3 but I am not sure if that will fully work.
1. Use SignedCms instead of the X509Certificate class.
See for more details Enveloped PKCS #7 Signatures
2. Loading a .p7b only includes the certificate file, which probably doesn't include the private key. Install the private key on the server where it was generated and then export it to as a .pfx file and move it to the server you want to use.
3. Since a .p7b file contains the whole certificate chain and not just one certificate you can try the follow method to add this to the windows store.
X509Certificate2Collection certCollection = new X509Certificate2Collection();
certCollection.Import(@"C:\test_public_cert.p7b");
X509Store store = new X509Store(StoreName.AddressBook, StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadWrite);
store.AddRange(certCollection);
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.