Reputation: 13212
Loading Root Certificate on Compact Framework .NET
I am trying to load an x509 certificate from file in CF.NET. The certificate I am trying to load can be downloaded here (it's a GoDaddy root cert).
My code looks like this:
byte[] bytes = null;
using (var certFile = new FileStream("\\gdroot-g2.crt", FileMode.Open, FileAccess.Read))
using (var br = new BinaryReader(certFile))
{
bytes = new byte[(int)certFile.Length];
br.Read(bytes, 0, bytes.Length);
}
//This line throws the error.
var cert = new X509Certificate2(bytes);
When I try loading the cert, I get the following error:
Creating certificate object failed. The data passed in is either incorrect or is not supported by .NET Compact Framework. .NET Compact Framework does not support reading from pfx files.
I've verified that the .CRT file I am using is Base-64 encoded. Also - when I run this same code on the desktop (using a mobile simulator that we've built) it parses the cert successfully.
Am I missing something basic here?
Upvotes: 0
Views: 787
Answers (3)
Reputation: 219
I too had the same problem and I resolved it by following the below steps.
Convert the certificate file to DER encoded binary X.509 format and then use it in the compact framework.
Steps for conversion:
- Open the .cer file in the computer
- Go to "Details" tab and click "Copy to File..." button
- Certificate Export Wizard appears in which click Next and choose "DER encoded binary X.509(.CER)"
- Click Next and specify the desired location and file name and click Finish
- This will generate a .cer file in the chosen location
Use the certificate file (generated by the above process) in the compact framework and access the information programmatically as follows.
- Read the contents of certificate file using BinaryReader which results in byte[] value
- X509Certificate2 cert = new X509Certificate2(byte value returned by the above step)
- Get the issuer name or any details required through built-in methods like cert.GetIssuerName();
When I followed this procedure, I didn't get any exception and it worked fine.
Upvotes: 1
Reputation: 67198
The X509 namespace in the CF is effectively useless. I'm not sure why they bothered including it at all. I ended up wrapping the certificate APIs manually and creating a separate set of X509 classes that provide the functionality the BCL should have provided. The code is too long for a post here on SO, but those methods are part of the SDF.
Upvotes: 0
Reputation: 166
You might find it easier to interact with the certificate via the X509Store class. You can either add the root certificate by hand or programmatically.
Once you've added your certificate to the store you can retrieve an enumeration of the X509Certificate2 from the store and use LINQ to filter down to the specific GoDaddy certificate.
The linked MSDN page has some sample code showing this in action. Hope this helps.
Upvotes: 0
Related Questions
- how to load password protected certificates from the X509Store?
- Load X509 certificate from disk .Net Core
- How to verify X509 cert without importing root cert?
- Loading X509 Certificate: Error in Azure, can't reproduce locally
- ASP.NET Core fail to create root certificate
- Loading X509Certificate2 certificate chain from store
- Windows Phone 7 - can not load certificate in C# code
- Using a X509 Certificate in .Net Compact Framework for Client Authentication HTTPRequest
- Adding root certificate with CF 3.5
- Specify client certificates in HttpWebRequest in .NET Compact Framework 3.5