如何使用c#以编程方式将证书安装到本地计算机存储中?

时间:2009-02-19 18:32:43

标签: c# .net wcf certificate makecert

我有通过MakeCert生成的证书。我想使用PeerTrust将此证书用于WCF消息安全性。如何使用c#或.NET以编程方式将证书安装到“可信人”本地计算机证书存储区?

我有一个CER文件,但也可以创建一个PFX。

4 个答案:

答案 0 :(得分:58)

我认为这是正确的:

using (X509Store store = new X509Store(StoreName.TrustedPeople, StoreLocation.LocalMachine)) 
{
   store.Open(OpenFlags.ReadWrite);
   store.Add(cert); //where cert is an X509Certificate object
}

答案 1 :(得分:38)

以下作品对我有用:

private static void InstallCertificate(string cerFileName)
{
    X509Certificate2 certificate = new X509Certificate2(cerFileName);
    X509Store store = new X509Store(StoreName.TrustedPublisher, StoreLocation.LocalMachine);

    store.Open(OpenFlags.ReadWrite);
    store.Add(certificate);
    store.Close();
}

答案 2 :(得分:7)

不是将证书安装到需要提升权限的LocalMachine,而是将其添加到“CurrentUser”(适用于我)。

X509Store store = new X509Store(StoreName.TrustedPeople, StoreLocation.CurrentUser);
store.Open(OpenFlags.ReadWrite);
store.Add(cert); //where cert is an X509Certificate object
store.Close();

答案 3 :(得分:1)

我必须使用X509KeyStorageFlags。 PersistKeySet | X509KeyStorageFlags。 MachineKeySet 标志来解决“密钥集不存在” 错误,该错误稍后在尝试使用证书时发生:

X509Certificate2 certificate = new X509Certificate2(pfxPath, password, X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.MachineKeySet);
using (X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine))
{
     store.Open(OpenFlags.ReadWrite);
     store.Add(certificate);
     store.Close();
}

感谢这篇文章:Private key of certificate in certificate-store not readable

相关问题
最新问题