none
How to check whether .pfx file contains Certificate Authority Certificate or not RRS feed

  • Question

  • Hello,

    I am using SslStream class for secure communication. I am providing facilities, import .pfx file into specified store.

    But before import, I want to check whether the .pfx file contains public key, private key and Certificate Authority certificate in it or not.

    Using X509Certificate2 class i can easily check existence of public key and private key but not the third one that is "Certificate Authority Certificate" in the .pfx file.

    Is anyone knows how to do it...??

    My .pfx file looks like

    -----BEGIN RSA PRIVATE KEY-----
    MIICXQIBAAKBgQCaDyX57ccXzZVPVA3vDiOq79whepzUG/d48+dkp0WlisExQJQF
    AdmnJLuVuP4N3C1pyrleY956lkFOGb2jjrPAXmsVYBy5r9wUSqAWBcmLLQnVOrcQ
    g8g7nTr3Qge5bkfscenkTG2ykS5IoL6k03foV6D+JzuveSE7mmXPZeJqzwIDAQAB
    AoGAPti1JkrQsC4mndDtSjsbY80roOCy/3hVMRtWpuHx8IE1JJFykMRbdOrwNzjb
    Mu5B/Gk9y3q0NI/9Hg40JXe+bbZOuhCg8Y6RmLhVBANEbxipMyeSxRX79uVD4jG5
    OTSA8jyaKXC3Mq0Zeg8IY/ZkmUg7jPSVHC8pyqMrSUof3RECQQDHh0IUpqeb7OJH
    2i1cVs4gVSIrSNeB4AK6ACQ/aBQpaXkmLoDUiJfjTeaJ+Xoh/BwlLmg1+nAnlfv+
    veI3yHx3AkEAxalwsVz7Kx/pnIdgtO85v/52BNTMXdmouhElvvqCAVTuGIwdNGuM
    rouZuiICsGffzLW8k/+yKfzpP0+ZGBESaQJAJXA6tPdEUdyT5NmKU14yVRzESYzk
    awkmWdI2+vLDfbW9tq1ZHQf4P/1Y+aCnCwNsIInhoec47iSVYQouDTuAJwJBAJPb
    q/EBHOGlfZsZqb2vNgPo1V/HzxhlOVH2gcXanmVgorq6FR6hVRs8UkJqLpjHGyKG
    0Anlu+Csz84MPPlDzAECQQCupLd0E/nCpwh/tEqxlHIeqS2HIejhSX5FdLFRzORW
    PWJKJ5Q1BGiKrahIKd2tB6W0pPFwo7eIkq76J/vtaBzE
    -----END RSA PRIVATE KEY-----
    Certificate:
        Data:
            Version: 3 (0x2)
            Serial Number: 2 (0x2)
        Signature Algorithm: md5WithRSAEncryption
            Issuer: CN=Companame Root Certificate Authority, ST=GJ, C=IN/emailAddress=emp@company.com, O=Company Name, OU=Embedded Department
            Validity
                Not Before: Jan 31 09:34:26 2013 GMT
                Not After : Jan 30 09:34:26 2018 GMT
            Subject: CN=ixm.web, ST=GJ, C=IN/emailAddress=emp@invixium.com, O=Company Name, OU=Embedded Department
            Subject Public Key Info:
                Public Key Algorithm: rsaEncryption
                    Public-Key: (1024 bit)
                    Modulus:
                        00:9a:0f:25:f9:ed:c7:17:cd:95:4f:54:0d:ef:0e:
                        23:aa:ef:dc:21:7a:9c:d4:1b:f7:78:f3:e7:64:a7:
                        45:a5:8a:c1:31:40:94:05:01:d9:a7:24:bb:95:b8:
                        fe:0d:dc:2d:69:ca:b9:5e:63:de:7a:96:41:4e:19:
                        bd:a3:8e:b3:c0:5e:6b:15:60:1c:b9:af:dc:14:4a:
                        a0:16:05:c9:8b:2d:09:d5:3a:b7:10:83:c8:3b:9d:
                        3a:f7:42:07:b9:6e:47:ec:71:e9:e4:4c:6d:b2:91:
                        2e:48:a0:be:a4:d3:77:e8:57:a0:fe:27:3b:af:79:
                        21:3b:9a:65:cf:65:e2:6a:cf
                    Exponent: 65537 (0x10001)
            X509v3 extensions:
                X509v3 Subject Alternative Name: 
                    DNS:www.companyname.com
                X509v3 Basic Constraints: 
                    CA:FALSE
                Netscape Cert Type: 
                    SSL Client
        Signature Algorithm: md5WithRSAEncryption
             85:5d:13:d7:d4:69:d0:b3:06:2c:e9:6b:4b:e4:17:8e:1a:64:
             c9:c2:51:d0:63:cb:04:e6:3d:c8:90:92:f3:f7:fb:6d:8e:d6:
             8b:11:75:e4:0e:a3:be:d7:d9:42:48:2e:1b:98:54:56:3d:2a:
             12:a1:bc:ee:5a:c1:db:7f:b2:86:26:0a:5e:82:93:a5:ef:d8:
             d3:65:e6:b4:f6:27:2f:b6:d2:60:ba:65:50:b7:bc:ae:df:89:
             68:2d:2d:07:41:0b:d0:77:6b:d2:b8:20:bf:31:19:5d:83:6c:
             e3:0f:ca:9a:2b:d0:4a:22:95:bd:37:1a:81:06:98:f7:ba:85:
             f8:b6:cb:6f:1e:72:91:2f:7b:f6:32:04:b0:59:ea:c2:fe:28:
             65:b0:b3:26:45:c8:3a:c1:3a:82:f2:cd:9e:80:6f:ca:25:ca:
             40:9f:72:78:8e:5a:d5:79:f2:01:2b:c6:da:8a:32:84:ab:b3:
             80:b5:04:e6:11:1c:bd:9e:47:ba:fc:d7:a8:ba:56:65:6b:22:
             a2:07:60:5a:ff:57:f3:2a:85:98:ab:ca:71:48:84:a9:f2:c3:
             ff:f7:99:4e:ff:24:10:0a:86:76:e1:af:be:2c:ea:9d:09:07:
             85:23:d7:e1:2e:3a:a3:d5:7f:8f:21:34:4e:0c:4b:c7:4b:d7:
             11:2f:50:6a
    -----BEGIN CERTIFICATE-----
    MIIDfjCCAmagAwIBAgIBAjANBgkqhkiG9w0BAQQFADCBsjEsMCoGA1UEAxMjSW52
    aXhpdW0gUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxCzAJBgNVBAgTAkdKMQsw
    CQYDVQQGEwJJTjEmMCQGCSqGSIb3DQEJARYXZHByYWphcGF0aUBpbnZpeGl1bS5j
    b20xIjAgBgNVBAoTGUludml4aXVtIEFjY2VzcyBQdnQuIEx0ZC4xHDAaBgNVBAsT
    E0VtYmVkZGVkIERlcGFydG1lbnQwHhcNMTMwMTMxMDkzNDI2WhcNMTgwMTMwMDkz
    NDI2WjCBljEQMA4GA1UEAxMHaXhtLndlYjELMAkGA1UECBMCR0oxCzAJBgNVBAYT
    AklOMSYwJAYJKoZIhvcNAQkBFhdkcHJhamFwYXRpQGludml4aXVtLmNvbTEiMCAG
    A1UEChMZSW52aXhpdW0gQWNjZXNzIFB2dC4gTHRkLjEcMBoGA1UECxMTRW1iZWRk
    ZWQgRGVwYXJ0bWVudDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAmg8l+e3H
    F82VT1QN7w4jqu/cIXqc1Bv3ePPnZKdFpYrBMUCUBQHZpyS7lbj+Ddwtacq5XmPe
    epZBThm9o46zwF5rFWAcua/cFEqgFgXJiy0J1Tq3EIPIO50690IHuW5H7HHp5Ext
    spEuSKC+pNN36Feg/ic7r3khO5plz2Xias8CAwEAAaM9MDswGwYDVR0RBBQwEoIQ
    d3d3Lmludml4aXVtLmNvbTAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIHgDAN
    BgkqhkiG9w0BAQQFAAOCAQEAhV0T19Rp0LMGLOlrS+QXjhpkycJR0GPLBOY9yJCS
    8/f7bY7WixF15A6jvtfZQkguG5hUVj0qEqG87lrB23+yhiYKXoKTpe/Y02XmtPYn
    L7bSYLplULe8rt+JaC0tB0EL0Hdr0rggvzEZXYNs4w/KmivQSiKVvTcagQaY97qF
    +LbLbx5ykS979jIEsFnqwv4oZbCzJkXIOsE6gvLNnoBvyiXKQJ9yeI5a1XnyASvG
    2ooyhKuzgLUE5hEcvZ5HuvzXqLpWZWsiogdgWv9X8yqFmKvKcUiEqfLD//eZTv8k
    EAqGduGvvizqnQkHhSPX4S46o9V/jyE0TgxLx0vXES9Qag==
    -----END CERTIFICATE-----

    Thanks


    Regards, Hiren Bharadwa




    Tuesday, April 9, 2013 4:39 AM

All replies

  • Hi, I am not so sure what do you mean with "Certificate Authority Certificate" , do you mean the certificate Issuer which is there?

    Those information includes certificate name( indicate it with -n x509name), private key( with -pe) ,store location of the certificate and so on are specified when creating the certificate.

    Wednesday, April 10, 2013 6:29 AM