windows 使用显式 RSA 密钥对在 C# 中创建 CSR
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/2953088/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Create a CSR in C# using an explicit RSA key-pair
提问by rlandster
Using the OpenSSL libraries one can create a CSR (certificate signing request) by doing this:
使用 OpenSSL 库,您可以通过执行以下操作来创建 CSR(证书签名请求):
openssl genrsa -out rsa.key 1024
openssl req -new -key rsa.key -out output.csr -config config.txt
where config.txtcontains the distinguished name to use in the certificate.
其中config.txt包含要在证书中使用的专有名称。
I would like to do something similar under Windows using C#. However, the method createPKCS10does not require you to supply an RSA key.
我想在 Windows 下使用 C# 做类似的事情。但是,该方法createPKCS10不需要您提供 RSA 密钥。
Is there a way to get C# to generate an explicit RSA private key and then use that private key to create the CSR?
有没有办法让 C# 生成一个显式的 RSA 私钥,然后使用该私钥创建 CSR?
回答by Ε Г И ? И О
You can use the OpenSSL.NETlibrary to accomplish this task. The following routines should be what you need:
您可以使用OpenSSL.NET库来完成此任务。以下例程应该是您所需要的:
public static void Main()
{
Console.Write(GenerateCsr(GenerateRsaKeyPair()));
}
/// <summary>
/// Generates a 2048 bit RSA key pair.
/// </summary>
/// <returns>The key container</returns>
public static CryptoKey GenerateRsaKeyPair()
{
using(var rsa = new RSA())
{
rsa.GenerateKeys(2048, 0x10021, null, null);
return new CryptoKey(rsa);
}
}
/// <summary>
/// Generates a CSR file content using to the hard-coded details and the given key.
/// </summary>
/// /// <param name="key">RSA key to be used</param>
/// <returns>The CSR file content</returns>
public static string GenerateCsr(CryptoKey key)
{
using (var subject = new X509Name
{
SerialNumber = "1234567890",
Organization = "My Company"
// Add more details here...
})
{
using (var req = new X509Request(0, subject, key))
{
return req.PEM;
}
}
}
回答by Sdk
Here is the code used to generate the .CSR file in C#. I am using Bouncy castle library.
这是用于在 C# 中生成 .CSR 文件的代码。我正在使用充气城堡图书馆。
var subjectName = "CN=www.copanyName.com,O=Company Name,OU=Department,T=Area,ST=State,C=Country";
// Create new Object for Issuer and Subject
var issuer = new X509Name(subjectName);
var subject = new X509Name(subjectName);
// Generate the key Value Pair, which in our case is a public Key
var randomGenerator = new CryptoApiRandomGenerator();
var random = new SecureRandom(randomGenerator);
AsymmetricCipherKeyPair subjectKeyPair = default(AsymmetricCipherKeyPair);
const int strength = 2048;
var keyGenerationParameters = new KeyGenerationParameters(random, strength);
var keyPairGenerator = new RsaKeyPairGenerator();
keyPairGenerator.Init(keyGenerationParameters);
subjectKeyPair = keyPairGenerator.GenerateKeyPair();
AsymmetricCipherKeyPair issuerKeyPair = subjectKeyPair;
//PKCS #10 Certificate Signing Request
Pkcs10CertificationRequest csr = new Pkcs10CertificationRequest("SHA1WITHRSA", subject, issuerKeyPair.Public, null, issuerKeyPair.Private);
//Convert BouncyCastle CSR to .PEM file.
StringBuilder CSRPem = new StringBuilder();
PemWriter CSRPemWriter = new PemWriter(new StringWriter(CSRPem));
CSRPemWriter.WriteObject(csr);
CSRPemWriter.Writer.Flush();
//get CSR text
var CSRtext = CSRPem.ToString();
// Write content into a Txt file
using (StreamWriter f = new StreamWriter(@"C:\Cert_TEST\DemoCSR.txt"))
{
f.Write(CSRtext);
}
回答by Oleg
It seem to me you will find the answer on your question here: http://msdn.microsoft.com/en-us/library/ms867026.aspx.
在我看来,您会在这里找到问题的答案:http: //msdn.microsoft.com/en-us/library/ms867026.aspx。
Look at Reading a certificate signing request with c#for a close question.
查看使用 c# 读取证书签名请求以获取关闭问题。
