I'm trying to create an RSA keypair that I can use with System.Security.Cryptography.X509Certificates.X509Certificate2
using OpenSSL.
The PFX I've managed to generate gives me this stack trace
create a private key, unencrypted (I realize this is not best practice)
openssl genrsa -out private.pem 2048
create a public key from the private key
openssl rsa -in private.pem -outform PEM -pubout -out public.pem
create a certificate file from the private key
openssl req -x509 -key private.pem -out cert.pem -days 365 -nodes -subj "/C=US/ST=Colorado/L=Colorado Springs/O=Contoso/OU=Security/CN=mypurpose.contoso.org"
create a pfx file using the self-signed certificate
openssl pkcs12 -in cert.pem -inkey private.pem -export -out combined.pfx
prompts for a password to secure the pkcs
Trying to instantiate the instance of X509Certificate2
with
new X509Certificate2(@"C:\path\to\combined.pfx", "password", X509KeyStorageFlags.Exportable);
at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr)
at System.Security.Cryptography.X509Certificates.X509Utils._LoadCertFromFile(String fileName, IntPtr password, UInt32 dwFlags, Boolean persistKeySet, SafeCertContextHandle& pCertCtx)
at System.Security.Cryptography.X509Certificates.X509Certificate.LoadCertificateFromFile(String fileName, Object password, X509KeyStorageFlags keyStorageFlags)
at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags)
at Program.Main()