我有一个证书,我可以像这样使用 X509Certificate2 类读取它:
X509Certificate2 证书 = new X509Certificate2(@"certificate.pem");
但我还有一个EC私钥。这是它的文件内容。
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIKpAuZ/Wwp7FTSCNJ56fFM4Y/rf8ltXp3xnrooPxNc1UoAoGCCqGSM49
AwEHoUQDQgAEqiRaEw3ItPsRAqdDjJCyqxhfm8y3tVrxLBAGhPM0pVhHuqmPoQFA
zR5FA3IJZaWcopieEX5uZ4KMtDhLFu/FHw==
-----END EC PRIVATE KEY-----
如何将此私钥“提供”给证书并最终提供给我的 HttpClient,以便它可以用作客户端证书?
这是我的其余代码:
X509Certificate2 certificate = new X509Certificate2(@"certificate.pem");
//certificate.PrivateKey = something;
httpClientHandler.ClientCertificates.Clear();
httpClientHandler.ClientCertificates.Add(certificate);
httpClientHandler.SslProtocols = SslProtocols.Tls12;
httpClientHandler.ClientCertificateOptions = ClientCertificateOption.Manual;
HttpClient httpClient = new HttpClient(httpClientHandler);
HttpResponseMessage result = httpClient.GetAsync("https://server.cryptomix.com/secure/").Result;
string str = result.Content.ReadAsStringAsync().Result;
最佳答案
将证书和 key 与 openssl 组合,并将其提供给 x509certificate 类有效:
openssl pkcs12 -export -in certificate.pem -inkey privatekey.pem -out cert-and-key.pfx
然后使用它来获得一个带有指定私钥的类:
X509Certificate2 certificate = new X509Certificate2("cert-and-key.pfx", "password");
然后我问题中的代码就可以工作了。
关于c# - 为证书提供 EC 私钥以在 HttpClient C# 中使用,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/54689349/