How to create a certificate to use with SslStream AuthenticateAsServer without importing

In the end, I ran the following to create a server.pfx file:

makecert.exe -r -pe -n "CN=localhost" -sky exchange -sv server.pvk server.cer
pvk2pfx -pvk server.pvk -spc server.cer -pfx server.pfx

Then I loaded it in code with:

certificate = new X509Certificate2("server.pfx", "password");

(I didn't actually hard code the password like that :-)

The trick was to know that I needed a pfx file, and that I needed to load it using the X509Certificate2 class, rather than X509Certificate.

Niki Loche method works.

If you get The specified network password is not correct., then you should try it without password in C#. It doesn't matter what your input password was in makecert.

certificate = new X509Certificate2("Server.pfx", "");

But if you want to use password (there is a reason, it's there :)), try changing pvk2pfx.exe command to:

pvk2pfx.exe" -pi password -pvk Server.pvk -spc Server.cer -pfx Server.pfx

and in C# enter:

certificate = new X509Certificate2("Server.pfx", "password");

Password must be the same as it is in creating cer file.

That did the trick for me. I hope it will help someone.

How to create a certificate to use with SslStream AuthenticateAsServer without importing

Tags:

C#

Ssl

X509Certificate

Related

Recent Posts