Reputation:
How to read Pkcs#7 certificate chain from file/stream in C#?
I have two certificates that I saved to disk. One is a certificate with private key that I exported as a .pfx file, the other one is a certificate that I saved including its certificate chain as a PKCS#7 file ("certchain.p7b").
In C# I can now load the .pfx file with
var cert = new X509Certificate2(myPfxFileStream);
(myPfxFileStream is a FileStream opened to the .pfx File for reading), however trying the same thing with the PKCs#7 Certificate fails in a CryptoGraphicException "Der Indexwert ist ungültig" which translates to "invalid index value".
I assume I have to parse PKCS#7 differently (it contains a chain, not a single certificate!), but how?
(Oh, by the way: Currently I have no passwords on those certficiates)
Upvotes: 6
Views: 17731
Answers (1)
Reputation: 74530
You will want to use the SignedCms class in the System.Security.Cryptography.Pkcs namespace.
This blog entry will show you how to use the class:
link update 2021: https://learn.microsoft.com/en-us/archive/blogs/shawnfa/enveloped-pkcs-7-signatures
original link: http://blogs.msdn.com/shawnfa/archive/2006/02/27/539990.aspx
You basically will call the Decode method, passing the bytes representing the PKCS file.
Upvotes: 8
Related Questions
- How to Read the certificates file from the PKCS7.p7b certificate file using openssl?
- Reading digital certificate from the file
- How to get private key from PKCS#12 (.p12) file using C#
- How to retrieve certificates from a pfx file with c#?
- Get string from X509 Cert pfx file
- PKCS11Interop : How to extract certificate with private key?
- Read certificates from a PKI card
- Importing Certificate and Chain (PFX file) with C#
- How to get certificate from pkcs7 file
- Parse PKCS #7 SSL Certificate Chain (.p7b) without private key?