0

My Question:

From a Certificate Signing Request as below:

Example:

-----BEGIN CERTIFICATE REQUEST-----
MIIClDCCAXwCAQAwTzELMAkGA1UEBhMCVk4xEDAOBgNVBAMMB2RldmljZTMxCjAI ...
-----BEGIN CERTIFICATE REQUEST-----

I am using system.security.cryptography.x509certificates, I would load it as a CertificateRequest/X509Certificate2 object to create new certificate from Certificate Signing Request.

Anyone who know how to do?

My Try

Input:

  • self signed certificate as a CA
  • certificate signing request

My code

string rootCA = ""; // root certificate
string scrString = ""; // certificate signing request
byte[] rootRawData = Convert.FromBase64String(rootCA);
X509Certificate2 rootCert = new X509Certificate2(rootRawData);

var generator = X509SignatureGenerator.CreateForRSA(rootCert.GetRSAPrivateKey(), RSASignaturePadding.Pkcs1);

byte[] scrRawData = Convert.FromBase64String(scrString);
X509Certificate2 scrDeviceCert = new X509Certificate2(scrRawData); ------> ERROR: : 'Cannot find the requested object.'
CertificateRequest scrDeviceReq = new CertificateRequest(scrDeviceCert.IssuerName, scrDeviceCert.PublicKey, HashAlgorithmName.SHA256);

var deviceCert = scrDeviceReq.Create(rootCert.IssuerName, generator, DateTimeOffset.UtcNow.AddDays(1), DateTimeOffset.UtcNow.AddDays(6), new byte[] { 1, 2, 3, 4 });
Nhat Duy
  • 178
  • 1
  • 2
  • 11
  • 1
    A CSR is not a certificate, you can not load it as such. A certificate is created from a CSR by a specific method using another signing certificate and key (the CA) – Patrick Mevzek Jul 10 '20 at 05:02
  • yes, I am looking for a way to load CSR by this library, but seems not wok – Nhat Duy Jul 10 '20 at 06:06
  • this is tracked as https://github.com/dotnet/runtime/issues/29547 – Nhat Duy Jul 10 '20 at 06:09
  • Does this answer your question? [How to load a certificate request and create a certificate from it in .NET](https://stackoverflow.com/questions/63818937/how-to-load-a-certificate-request-and-create-a-certificate-from-it-in-net) – bartonjs Sep 10 '20 at 17:38

1 Answers1

0

There is no built-in functionality to read CSRs in .NET Core. You have to use 3rd party libraries to decode CSRs.

Crypt32
  • 10,912
  • 2
  • 37
  • 66