Search Results

Search found 2 results on 1 pages for 'genady'.

Page 1/1 | 1 

  • Generated signed X.509 client certificate is invalid (no certificate chain to its CA)

    - by Genady
    I use Bouncy Castle for generation of X.509 client certificates and sing them using a known CA. First I read the CA certificate from the certificate store, generate the client certificate, sign it using the CA. Validation of the certificate is failed doe to the following issue A certificate chain could not be built to a trusted root authority. As I understand this is due to the certificate not being related to the CA. Here is a code sample: public static X509Certificate2 GenerateCertificate(X509Certificate2 caCert, string certSubjectName) { // Generate Certificate var cerKp = kpgen.GenerateKeyPair(); var certName = new X509Name(true,certSubjectName); // subjectName = user var serialNo = BigInteger.ProbablePrime(120, new Random()); X509V3CertificateGenerator gen2 = new X509V3CertificateGenerator(); gen2.SetSerialNumber(serialNo); gen2.SetSubjectDN(certName); gen2.SetIssuerDN(new X509Name(true,caCert.Subject)); gen2.SetNotAfter(DateTime.Now.AddDays(100)); gen2.SetNotBefore(DateTime.Now.Subtract(new TimeSpan(7, 0, 0, 0))); gen2.SetSignatureAlgorithm("SHA1WithRSA"); gen2.SetPublicKey(cerKp.Public); AsymmetricCipherKeyPair akp = DotNetUtilities.GetKeyPair(caCert.PrivateKey); Org.BouncyCastle.X509.X509Certificate newCert = gen2.Generate(caKp.Private); // used for getting a private key X509Certificate2 userCert = ConvertToWindows(newCert,cerKp); if (caCert22.Verify()) // works well for CA { if (userCert.Verify()) // fails for client certificate { return userCert; } } return null; } private static X509Certificate2 ConvertToWindows(Org.BouncyCastle.X509.X509Certificate newCert, AsymmetricCipherKeyPair kp) { string tempStorePwd = "abcd1234"; var tempStoreFile = new FileInfo(Path.GetTempFileName()); try { // store key { var newStore = new Pkcs12Store(); var certEntry = new X509CertificateEntry(newCert); newStore.SetCertificateEntry( newCert.SubjectDN.ToString(), certEntry ); newStore.SetKeyEntry( newCert.SubjectDN.ToString(), new AsymmetricKeyEntry(kp.Private), new[] { certEntry } ); using (var s = tempStoreFile.Create()) { newStore.Save( s, tempStorePwd.ToCharArray(), new SecureRandom(new CryptoApiRandomGenerator()) ); } } // reload key return new X509Certificate2(tempStoreFile.FullName, tempStorePwd); } finally { tempStoreFile.Delete(); } }

    Read the article

  • Is there a naming convention for a method that should set the properties of the passed object.

    - by Genady Sergeev
    Hello, I am writing a method that will set the properties of an object passed as a parameter. The method accepts one parameter of type interface and the return type of the method is the same interface. I was wondering if there is some kind of a naming convention for such methods. I was thinking of something like: FillInInterfaceTypeData or InitInterfaceTypeData but both sound clumsy to me. How do you think?

    Read the article

1