gpt4 book ai didi

c# X509Certificate2 添加证书如何标记为可导出

转载 作者:太空狗 更新时间:2023-10-30 01:19:06 37 4
gpt4 key购买 nike

我有一个 .NET 4.0 程序在端口 9000 上运行本地主机。我想支持 SSL 并拥有要导入的 .pfx 证书。

因为程序在多台计算机上运行,​​程序本身负责存储证书并注册其端口。

当程序导入并注册时,一切正常。但是当我重新启动计算机时,https 连接无法正常工作......更多......

事件查看器给出以下错误:

A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030D. The internal error state is 10001.

An error occurred while using SSL configuration for endpoint 0.0.0.0:9000. The error status code is contained within the returned data.

我发现一些解决方案声明您需要在导入时将证书标记为“可导出”但我找不到如何在代码中执行此操作。

Website 1Website 2

存储证书:

String path = String.Concat(IOHelper.AssemblyPath, @"\certificate.pfx");
X509Certificate2 cert = new X509Certificate2(path, "password");

X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadWrite);

if(!store.Certificates.Contains(cert))
{
store.Add(cert);
}

注册主机:

netsh http add sslcert ipport=0.0.0.0:9000 certhash=<cert hash> appid=<app id>

最佳答案

X509Certificate2 标记为可导出实际上非常简单。您添加第三个参数 (X509KeyStorageFlags.Exportable),它指示证书是可导出的。

var cert = new X509Certificate2(path, "password", X509KeyStorageFlags.Exportable);

关于c# X509Certificate2 添加证书如何标记为可导出,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/24366562/

37 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com