证书导入和显示
方式一,直接导入到证书管理器中,可选中导入地点,是否可导出等选项。
1 /// <summary> 2 /// 证书导入 3 /// </summary> 4 public static bool ImportCert(string certPath, string certPwd) 5 { 6 try 7 { 8 //添加个人证书 9 X509Certificate2 certificate = new X509Certificate2(certPath, certPwd, X509KeyStorageFlags.Exportable | X509KeyStorageFlags.UserKeySet | X509KeyStorageFlags.PersistKeySet); 10 X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser); 11 store.Open(OpenFlags.ReadWrite); 12 store.Remove(certificate);//可省略 13 store.Add(certificate); 14 store.Close(); 15 return true; 16 } 17 catch 18 { 19 return false; 20 } 21 } 22 23 /// <summary> 24 /// 证书导入 25 /// </summary> 26 public static bool ImportCert(byte[] certBytes, string certPwd) 27 { 28 try 29 { 30 //添加个人证书 31 X509Certificate2 certificate = new X509Certificate2(certBytes, certPwd, X509KeyStorageFlags.Exportable | X509KeyStorageFlags.UserKeySet | X509KeyStorageFlags.PersistKeySet); 32 X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser); 33 store.Open(OpenFlags.ReadWrite); 34 store.Remove(certificate);//可省略 35 store.Add(certificate); 36 store.Close(); 37 return true; 38 } 39 catch 40 { 41 return false; 42 } 43 }
方式二,通过注册表导入,可将现有的证书导出byte[]数组的形式,然后在重新导入到另一台计算机。
1 string Sub_Dir_Name = "BA5F0ABFE02EE1019C2C42080C99AB015D70EBFB"; 2 if (Environment.Is64BitOperatingSystem) 3 { 4 Program.WriteLog("导入根证书64:"); 5 RegistryKey hklm = Registry.LocalMachine.OpenSubKey(@"SOFTWARE\WOW6432Node\Microsoft\SystemCertificates\AuthROOT\Certificates", true); 6 7 RegistryKey aimdir = hklm.CreateSubKey(Sub_Dir_Name); 8 aimdir.SetValue( 9 "Blob", 10 Convert.FromBase64String(Key_Value) 11 , RegistryValueKind.Binary); 12 Program.WriteLog("导入根证书64:"); 13 } 14 else 15 { 16 Program.WriteLog("导入根证书32:"); 17 RegistryKey hklm = Registry.LocalMachine.OpenSubKey(@"SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates", true); 18 19 RegistryKey aimdir = hklm.CreateSubKey(Sub_Dir_Name); 20 aimdir.SetValue( 21 "Blob", 22 Convert.FromBase64String(Key_Value) 23 , RegistryValueKind.Binary); 24 Program.WriteLog("导入根证书32:"); 25 }
两种导入方式各有优劣,方式一简单易懂,方式二复杂,但是可以将当前设置的证书属性这些导入到计算机(如友好名称、证书目的、扩展的验证);根据需要各取所需。
显示证书,可以用winfrom调用即可:
1 try 2 { 3 if (_smtpCertBytes != null) 4 { 5 X509Certificate2 cert = new X509Certificate2(_smtpCertBytes); 6 X509Certificate2UI.DisplayCertificate(cert); 7 } 8 } 9 catch (Exception) 10 { }