我有一个.PEM文件,其中包含一个私钥,并且以某种方式包含3组证书。我是证书的新手,无法弄清楚如何将其导入到我的代码中,以便能够将其用作访问客户端Web服务的身份验证。
Bag Attributes
localKeyID: 94 7D DF 3D A7 A5 8D 3F FF 73 B5 CF 44 96 4F FC DC DC 51 BB
friendlyName: Company UAT Client SSL Certificate
Key Attributes: <No Attributes>
-----BEGIN PRIVATE KEY-----
-----END PRIVATE KEY-----
Bag Attributes
localKeyID: 94 7D DF 3D A7 A5 8D 3F FF 73 B5 CF 44 96 4F FC DC DC 51 BB
friendlyName: Company UAT Client SSL Certificate
subject=/emailAddress=ljpclat@aaaa.com.ph/UID=002/CN=Company UAT Client SSL Certificate/OU=TCMG/O=AAAA/C=PH
issuer=/CN=AAAA Company API UAT CA/OU=Information Security/O=AAAA/C=PH
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
Bag Attributes
friendlyName: AAAA Root CA
subject=/CN=AAAA Root CA/OU=Information Security/O=AAAA/C=PH
issuer=/CN=AAAA Root CA/OU=Information Security/O=AAAA/C=PH
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
Bag Attributes
friendlyName: Name CA
subject=/CN=Subject CA/OU=Information Security/O=AAAA/C=PH
issuer=/CN=AAAA Root CA/OU=Information Security/O=AAAA/C=PH
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
我尝试将BouncyCastle-Org.BouncyCastle.X509用于C#,但是每当我尝试访问客户端Web服务时,都会收到错误(400)错误请求。
答案 0 :(得分:0)
我找到了一种解决方法,可以通过使用openssl将 PEM 文件转换为 PFX / PKCS#12 格式(或者,如果您访问-https://www.sslshopper.com/ssl-converter.html,您没有安装证书),然后使用代码中的 X509Certificate2 导入我的证书。而我在这里的其他所有内容-https://docs.microsoft.com/en-us/dotnet/api/system.security.cryptography.x509certificates.x509certificate2.import?view=netframework-4.8