'Cannot find the requested object' exception while creating X509Certificate2 from string
If file.PKCS7
represents a PKCS#7 SignedData blob (what gets produced from X509Certificate2.Export(X509ContentType.Pkcs7)
or X509Certificate2Collection.Export(X509ContentType.Pkcs7)
) then there are two different ways of opening it:
new X509Certificate2(byte[])
/new X509Certificate2(string)
- The single certificate constructor will extract the signing certificate of the SignedData blob. If this was just being exported as a collection of certs, but not signing anything, there is no such certificate, and so it fails with
Cannot find the original signer.
(Win 2012r2, other versions could map it to a different string)
- The single certificate constructor will extract the signing certificate of the SignedData blob. If this was just being exported as a collection of certs, but not signing anything, there is no such certificate, and so it fails with
X509Certificate2Collection::Import(byte[])
/X509Certificate2Collection::Import(string)
- The collection import will consume all of the "extra" certificates, ignoring the signing certificate.
So if it's really PKCS#7 you likely want the collection Import (instance) method. If it isn't, you have some odd variable/field/property names.