这是我的代码
static void Main(string[] args)
{
try
{
ContentInfo contentInfo = new ContentInfo(File.ReadAllBytes(@"D:\prj\temp\manifest.json"));
SignedCms signedCms = new SignedCms(SubjectIdentifierType.IssuerAndSerialNumber, contentInfo);
var signer = new CmsSigner(new X509Certificate2(@"D:\prj\temp\Shooger_Passbook_withoutKey.p12", "xxxxxxxxx"));
signer.Certificates.Add(new X509Certificate2(@"D:\prj\temp\AppleIncRootCertificate.cer"));
signer.Certificates.Add(new X509Certificate2(@"D:\prj\temp\AppleWWDRCA.cer"));
signer.IncludeOption = X509IncludeOption.WholeChain;
signer.SignedAttributes.Add(new Pkcs9SigningTime());
signedCms.ComputeSignature(signer, false);
byte[] myCmsMessage = signedCms.Encode();
File.WriteAllBytes(@"D:\prj\temp\signature", myCmsMessage);
}
catch (Exception ex)
{
Console.WriteLine(ex.ToString());
}
}
有人可以告诉我它为什么抛出"发生了内部证书链错误。"?
答案 0 :(得分:1)
对于那些在更新证书并发现它不起作用后撕掉头发的人,您现在需要在签名中添加“签名时间”属性。因此:
var oid = new Oid("1.2.840.113549.1.7.2");
ContentInfo contentInfo = new ContentInfo(oid, manifest);
var signedCms = new SignedCms(contentInfo, true);
var signer = new CmsSigner(SubjectIdentifierType.IssuerAndSerialNumber, myX509certificate);
signer.IncludeOption = X509IncludeOption.EndCertOnly;
signer.Certificates.Add(appleWwdrCertificate);
// new requirement to add 'signing-date'
signer.SignedAttributes.Add(new Pkcs9SigningTime(DateTime.Now));
signedCms.ComputeSignature(signer);
bytes[] signature = signedCms.Encode();
答案 1 :(得分:0)
尝试从Windows证书商店
加载证书以下链接将为您提供在.net
中签署通行证的详细教程http://geekswithblogs.net/MobileLOB/archive/2012/07/30/part-3ndashpassbook-server.aspx
希望这有助于.. :)
答案 2 :(得分:0)
我为.Net创建了一个OSS库,可以为您处理所有这些。您只需要自己的Passbook证书和主Apple证书。