แก้ไข

แชร์ผ่าน


X509Certificate2.CreateFromEncryptedPemFile Method

Definition

Creates a new X509 certificate from the file contents of an RFC 7468 PEM-encoded certificate and password protected private key.

public static System.Security.Cryptography.X509Certificates.X509Certificate2 CreateFromEncryptedPemFile (string certPemFilePath, ReadOnlySpan<char> password, string? keyPemFilePath = default);
[System.Runtime.Versioning.UnsupportedOSPlatform("browser")]
public static System.Security.Cryptography.X509Certificates.X509Certificate2 CreateFromEncryptedPemFile (string certPemFilePath, ReadOnlySpan<char> password, string? keyPemFilePath = default);
static member CreateFromEncryptedPemFile : string * ReadOnlySpan<char> * string -> System.Security.Cryptography.X509Certificates.X509Certificate2
[<System.Runtime.Versioning.UnsupportedOSPlatform("browser")>]
static member CreateFromEncryptedPemFile : string * ReadOnlySpan<char> * string -> System.Security.Cryptography.X509Certificates.X509Certificate2
Public Shared Function CreateFromEncryptedPemFile (certPemFilePath As String, password As ReadOnlySpan(Of Char), Optional keyPemFilePath As String = Nothing) As X509Certificate2

Parameters

certPemFilePath
String

The path for the PEM-encoded X509 certificate.

password
ReadOnlySpan<Char>

The password for the encrypted PEM.

keyPemFilePath
String

If specified, the path for the password protected PEM-encoded private key. If unspecified, the certPemFilePath file will be used to load the private key.

Returns

A new certificate with the private key.

Attributes

Exceptions

The contents of the file path in certPemFilePath do not contain a PEM-encoded certificate, or it is malformed.

-or-

The contents of the file path in keyPemFilePath do not contain a password protected PEM-encoded private key, or it is malformed.

-or-

The contents of the file path in keyPemFilePath contains a key that does not match the public key in the certificate.

-or-

The certificate uses an unknown public key algorithm.

-or-

The password specified for the private key is incorrect.

certPemFilePath is null.

Remarks

See ReadAllText(String) for additional documentation about exceptions that can be thrown.

Password protected PEM-encoded keys are always expected to have the PEM label "ENCRYPTED PRIVATE KEY".

PEM-encoded items that have a different label are ignored.

Combined PEM-encoded certificates and keys do not require a specific order. For the certificate, the first certificate with a CERTIFICATE label is loaded. For the private key, the first private key with the label "ENCRYPTED PRIVATE KEY" is loaded. More advanced scenarios for loading certificates and private keys can leverage PemEncoding to enumerate PEM-encoded values and apply any custom loading behavior.

For PEM-encoded keys without a password, use CreateFromPemFile(String, String).

Applies to