runtime: cannot import X509Certificate from file in .net core 2.0
@xingzhougmu commented on Sat Sep 02 2017
Issue Title
cannot import X509Certificate from file in .net core 2.0
General
The following code works perfectly in .net core 1.0, however, does not in .net core 2.0.
X509Certificate clientCert = new X509Certificate(Directory.GetCurrentDirectory() + "/Certs/Production/CN_Certificate.crt");
Under .net core 2.0, the exception is as below:
{Interop+AppleCrypto+AppleCommonCryptoCryptographicException: Unknown format in import. at Interop.AppleCrypto.X509ImportCertificate(Byte[] bytes, X509ContentType contentType, SafePasswordHandle importPassword, SafeKeychainHandle keychain, Boolean exportable, SafeSecIdentityHandle& identityHandle) at Internal.Cryptography.Pal.CertificatePal.FromBlob(Byte[] rawData, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags) at System.Security.Cryptography.X509Certificates.X509Certificate…ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags) at System.Security.Cryptography.X509Certificates.X509Certificate…ctor(String fileName) at Test.Program.Main(String[] args) in /Users/xzhou/Projects/Test/Program.cs:line 40}
For some issues, you will get a quicker and better response if you file it at a more specific .NET repo. For example, if the problem is with ASP.NET Core, you are encouraged to use the aspnet/home repo.
About this issue
- Original URL
- State: closed
- Created 7 years ago
- Comments: 20 (8 by maintainers)
Commits related to this issue
- Fixing the Dragon4 algorithm to correctly handle when the first significant digit is after the cutoff (#24484) Signed-off-by: dotnet-bot <dotnet-bot@microsoft.com> — committed to Dotnet-GitSync-Bot/corefx by tannergooding 5 years ago
- Fixing the Dragon4 algorithm to correctly handle when the first significant digit is after the cutoff (#24484) (#37769) Signed-off-by: dotnet-bot <dotnet-bot@microsoft.com> — committed to dotnet/corefx by Dotnet-GitSync-Bot 5 years ago
Looks like you also have base64, rather than using Encoding.UTF8.GetBytes, use Convert.FromBase64String.
I was able to resolve this issue by creating a pkcs12 file from my cert & key. You can use the following command.
openssl pkcs12 -export -out Cert.p12 -in your-cert.pem -inkey your-key.pem
And then