
(NET6+) Grant user read permission on certificate's private key

Windows stores certificate's private keys as files, and you can use mmc.exe to give users read permissions on these keys. I need a way to do that programmatically in NET6.

Microsoft have marked the PrivateKey property on the X509Certificate class as obsolete (since .NET 4.6) and the correct way is to use the extension methods provided.

However, the returned RSA key class does not contain a UniqueName property which I can then use to determine the filename of the private key, and thus grant a user read permission on it.

This question, "Grant user permission to the private key", shows how it can be achieved using the obsolete property name.

Does anyone know how this can be achieved without using the PrivateKey property?

I had some luck with this:

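// input: "X509Certificate2 cert"
// requires: using System.Security.Cryptography;
//           using System.Security.Cryptography.X509Certificates;
using RSA key = cert.GetRSAPrivateKey();
string rsaKeyName = null;
if (key is RSACng rsa)
{
    // CNG key: UniqueName is the name of the key file on disk
    rsaKeyName = rsa.Key.UniqueName;
}
else if (key is RSACryptoServiceProvider rsaCSP)
{
    // Legacy CAPI key: UniqueKeyContainerName is the key file name
    // (KeyContainerName is only the logical container name)
    rsaKeyName = rsaCSP.CspKeyContainerInfo.UniqueKeyContainerName;
}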
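
Carrying the snippet above through to the actual permission change, as an added example that is not part of the original answer: it resolves the key file from the unique name and adds a read-only access rule for one account. The `PrivateKeyAcl.GrantRead` helper is hypothetical, and the code assumes a software-backed RSA key stored in the standard Windows key directories and a caller allowed to change the file's ACL.

```csharp
// Added example (not from the original post). Assumes Windows and .NET 6.
using System;
using System.IO;
using System.Linq;
using System.Security.AccessControl;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Security.Principal;

static class PrivateKeyAcl // hypothetical helper name
{
    // Adds an Allow/Read rule for `account` on the certificate's key file
    // and returns the path of the file that was changed.
    public static string GrantRead(X509Certificate2 cert, string account)
    {
        using RSA key = cert.GetRSAPrivateKey()
            ?? throw new InvalidOperationException("Certificate has no RSA private key.");
        if (key is not RSACng cng)
            throw new NotSupportedException($"Unexpected key type {key.GetType().Name}.");

        string fileName = cng.Key.UniqueName
            ?? throw new InvalidOperationException("Key has no unique name.");

        // Machine keys live under ProgramData, user keys under the roaming profile.
        string root = Path.Combine(
            Environment.GetFolderPath(cng.Key.IsMachineKey
                ? Environment.SpecialFolder.CommonApplicationData
                : Environment.SpecialFolder.ApplicationData),
            "Microsoft", "Crypto");

        // CNG keys sit in Keys\, legacy CAPI keys under RSA\; search both.
        var options = new EnumerationOptions { RecurseSubdirectories = true, IgnoreInaccessible = true };
        string path = Directory.EnumerateFiles(root, fileName, options).FirstOrDefault()
            ?? throw new FileNotFoundException(
                "No key file found; the key may be held by a hardware or smart card provider.", fileName);

        // Grant Read only, to the one named account; existing rules are kept.
        var file = new FileInfo(path);
        FileSecurity acl = file.GetAccessControl();
        acl.AddAccessRule(new FileSystemAccessRule(
            new NTAccount(account), FileSystemRights.Read, AccessControlType.Allow));
        file.SetAccessControl(acl);
        return path;
    }
}
```

Checking the returned path with `icacls` confirms that only the intended account gained access.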
