以下是签署数据的代码。当我从Visual Studio运行时,它完美地工作并签名,但是当我将它发布到IIS时,它无法与证书匹配,并且在mycert中没有分配任何证书。最终它抛出异常无法找到原始签名者。我的开发和发布机器是一样的。我已经安装了IIS并将代码托管在同一台机器上,但没有运气。
public static string Sign(string signData)
{
try
{
X509Certificate2 mycert = null;
X509Store my = new X509Store(StoreName.My, StoreLocation.CurrentUser);
my.Open(OpenFlags.ReadOnly);
foreach (X509Certificate2 cert in my.Certificates)
{
mycert = cert;
if (cert.Subject.ToUpper().Contains("MYNAME"))
{ // it never goes into this match when host in IIS
WriteToLogFile("*** Debugging mode at certificate match ***");
mycert = cert;
break;
}
}
string Base64Payload = Convert.ToBase64String(Encoding.UTF8.GetBytes(signData));
string sha256 = SHA256Checksum(signData);
byte[] data = Encoding.UTF8.GetBytes(sha256);
ContentInfo content = new ContentInfo(data);
SignedCms signedCms = new SignedCms(content);
CmsSigner signer = new CmsSigner(mycert);
signer.DigestAlgorithm = new Oid("SHA256");
//signer.IncludeOption = X509IncludeOption.WholeChain;
signer.IncludeOption = X509IncludeOption.EndCertOnly;
// create the signature
signedCms.ComputeSignature(signer, false); // Get Exception on this line Cannot find the original signer.
bool isValid = Verify(signedCms.Encode(), mycert);
return Convert.ToBase64String(signedCms.Encode());
}
catch (Exception ex)
{
WriteToLogFile("*** Exception while making signed data ***"+ex.Message);
throw ex;
}
}