X509Certificate2 Class

Represents an X.509 certificate.

public sealed class X509Certificate2 : System.Security.Cryptography.X509Certificates.X509Certificate

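The X509Certificate2 class provides a managed wrapper for X.509 certificates. It allows you to access various properties of the certificate, such as its subject, issuer, expiration date, and public key. This class is crucial for establishing secure communication channels using protocols like SSL/TLS. Note that loading a certificate into this class only parses it: the constructors do not verify the certificate chain, the validity period, or the revocation status. Trust decisions require a separate validation step, for example with X509Chain.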

Constructors

X509Certificate2()

public X509Certificate2()

Initializes a new instance of the X509Certificate2 class.

X509Certificate2(byte[] rawData)

public X509Certificate2(byte[] rawData)

Initializes a new instance of the X509Certificate2 class using the specified array of bytes.

Parameters

X509Certificate2(string fileName)

public X509Certificate2(string fileName)

Initializes a new instance of the X509Certificate2 class using the certificate file at the specified path.

Parameters

X509Certificate2(string fileName, string password)

public X509Certificate2(string fileName, string password)

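Initializes a new instance of the X509Certificate2 class using the certificate file at the specified path and the password needed to access that file. A password-protected file (such as a PFX/PKCS#12 file) can contain the private key as well as the certificate, so treat both the file and the password as secrets.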

Parameters

Properties

Archived

public bool Archived { get; set; }

Gets or sets a value indicating whether the certificate is archived.

Extensions

public System.Security.Cryptography.X509Certificates.X509ExtensionCollection Extensions { get; }

Gets an X509ExtensionCollection collection of extensions contained in the certificate.

FriendlyName

public string FriendlyName { get; set; }

Gets or sets a friendly name for the certificate.

HasPrivateKey

public bool HasPrivateKey { get; }

Gets a value indicating whether the certificate has an associated private key.

Issuer

public string Issuer { get; }

Gets the issuer name from the certificate.

IssuerName

public System.Security.Cryptography.X509Certificates.X500DistinguishedName IssuerName { get; }

Gets the issuer name from the certificate as an X500DistinguishedName object.

KeyAlgorithm

public string KeyAlgorithm { get; }

Gets the name of the public key algorithm used by the certificate.

KeyLength

public int KeyLength { get; }

Gets the length of the public key, in bits, used by the certificate.

NotAfter

public DateTime NotAfter { get; }

Gets the date and time after which the certificate is no longer valid.

NotBefore

public DateTime NotBefore { get; }

Gets the date and time at which the certificate becomes valid.

OsIssuer

public string OsIssuer { get; }

Gets the issuer name from the certificate, suitable for display.

OsSubject

public string OsSubject { get; }

Gets the subject name from the certificate, suitable for display.

PrivateKey

public System.Security.Cryptography.AsymmetricAlgorithm PrivateKey { get; }

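Gets the private key associated with the certificate. Newer .NET versions mark this property as obsolete in favor of the algorithm-specific accessors such as GetRSAPrivateKey() and GetECDsaPrivateKey(). Check HasPrivateKey first, because a certificate loaded without its key has no private key to return.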

PublicKey

public System.Security.Cryptography.PublicKey PublicKey { get; }

Gets the public key associated with the certificate.

RawData

public byte[] RawData { get; }

Gets the raw data of the certificate.

SerialNumber

public string SerialNumber { get; }

Gets the serial number of the certificate.

SignatureAlgorithm

public string SignatureAlgorithm { get; }

Gets the name of the signature algorithm used to sign the certificate.

Subject

public string Subject { get; }

Gets the subject name from the certificate.

SubjectName

public System.Security.Cryptography.X509Certificates.X500DistinguishedName SubjectName { get; }

Gets the subject name from the certificate as an X500DistinguishedName object.

Thumbprint

public string Thumbprint { get; }

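Gets the thumbprint of the certificate. The thumbprint is a hash (SHA-1 for this property) computed over the whole encoded certificate. It is a convenient identifier for looking up a certificate, but it is not evidence that the certificate is trusted or currently valid.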

ThumbprintFromHashAlgorithm

public string ThumbprintFromHashAlgorithm { get; }

Gets the thumbprint of the certificate using the specified hash algorithm.

Version

public int Version { get; }

Gets the version number of the certificate.

Methods

Export(X509ContentType contentType)

public byte[] Export(System.Security.Cryptography.X509Certificates.X509ContentType contentType)

Exports the certificate to a byte array in the specified format.

Parameters

Returns

A byte array containing the exported certificate.

Export(X509ContentType contentType, string password)

public byte[] Export(System.Security.Cryptography.X509Certificates.X509ContentType contentType, string password)

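Exports the certificate to a byte array in the specified format, protected with the given password. When the format is a PFX/PKCS#12 container and the private key is exportable, the output includes the private key, so handle the returned bytes as secret material.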

Parameters

Returns

A byte array containing the exported certificate.

GetCertHash()

public byte[] GetCertHash()

Gets the hash of the certificate.

Returns

A byte array representing the certificate hash.

GetCertHashString()

public string GetCertHashString()

Gets the hash of the certificate as a string.

Returns

A string representing the certificate hash.

GetExpirationDateString()

public string GetExpirationDateString()

Gets the expiration date of the certificate as a string.

Returns

A string representing the expiration date.

GetFormat()

public string GetFormat()

Gets the format of the certificate.

Returns

A string representing the certificate format.

GetInvalidDateString()

public string GetInvalidDateString()

Gets a string representing the date the certificate becomes invalid.

Returns

A string representing the invalid date.

GetKeyAlgorithm()

public string GetKeyAlgorithm()

Gets the name of the key algorithm used by the certificate.

Returns

A string representing the key algorithm.

GetKeyAlgorithmParameters()

public byte[] GetKeyAlgorithmParameters()

Gets the parameters for the key algorithm used by the certificate.

Returns

A byte array containing the key algorithm parameters.

GetPublicKeyString()

public string GetPublicKeyString()

Gets the public key of the certificate as a string.

Returns

A string representing the public key.

GetRawCertData()

public byte[] GetRawCertData()

Gets the raw data of the certificate.

Returns

A byte array containing the raw certificate data.

GetSerialNumberString()

public string GetSerialNumberString()

Gets the serial number of the certificate as a string.

Returns

A string representing the serial number.

GetSignatureAlgorithm()

public string GetSignatureAlgorithm()

Gets the name of the signature algorithm used to sign the certificate.

Returns

A string representing the signature algorithm.

GetTextX509()

public string GetTextX509()

Gets a string representation of the certificate's information.

Returns

A string containing the certificate's details.

Import(byte[] rawData)

public void Import(byte[] rawData)

Imports a certificate from a byte array.

Parameters

Import(string fileName)

public void Import(string fileName)

Imports a certificate from a file.

Parameters

Import(string fileName, string password, X509KeyStorageFlags keyStorageFlags)

public void Import(string fileName, string password, System.Security.Cryptography.X509Certificates.X509KeyStorageFlags keyStorageFlags)

Imports a certificate from a file with specified password and key storage flags.

Parameters

Reset()

public void Reset()

Resets the certificate information to its initial state.

Usage Example

Loading and Inspecting a Certificate


using System;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

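/// <summary>
/// Console sample that loads a password-protected certificate file and prints
/// its identifying fields, public-key details, and extensions.
/// </summary>
/// <remarks>
/// Loading a certificate only parses it. Nothing in this sample checks the
/// chain, the validity period against the current time, or revocation, so the
/// printed values must not be treated as a trust decision; use X509Chain (or
/// the TLS stack's own validation) for that.
/// </remarks>
public class CertificateExample
{
    /// <summary>
    /// Loads the certificate at a placeholder path and writes its details to the console.
    /// </summary>
    /// <param name="args">Command-line arguments (not used).</param>
    public static void Main(string[] args)
    {
        try
        {
            // Placeholder values for illustration only. In real code, do not
            // hard-code the password: read it from a secret store or protected
            // configuration, and restrict file-system access to the .pfx file.
            string certificatePath = "path/to/your/certificate.pfx";
            string certificatePassword = "your_password"; // If the certificate is password protected

            // X509Certificate2 wraps native certificate/key handles, so release
            // them deterministically instead of waiting for finalization.
            using (X509Certificate2 cert = new X509Certificate2(certificatePath, certificatePassword))
            {
                Console.WriteLine("Certificate Loaded Successfully!");
                Console.WriteLine($"Subject: {cert.Subject}");
                Console.WriteLine($"Issuer: {cert.Issuer}");
                Console.WriteLine($"Thumbprint: {cert.Thumbprint}");
                Console.WriteLine($"Valid From: {cert.NotBefore}");
                Console.WriteLine($"Valid To: {cert.NotAfter}");
                Console.WriteLine($"Has Private Key: {cert.HasPrivateKey}");

                // The algorithm is read from the public key's OID; the
                // KeyAlgorithm/KeyLength properties used by the original
                // sample are not members of X509Certificate2.
                Console.WriteLine($"Key Algorithm: {cert.PublicKey.Oid.FriendlyName}");

                // The key size depends on the algorithm, so ask the
                // algorithm-specific accessor. Each returns null when the
                // certificate's key is of a different type.
                int? keyBits = null;
                using (var rsa = cert.GetRSAPublicKey())
                {
                    if (rsa != null)
                    {
                        keyBits = rsa.KeySize;
                    }
                }
                if (keyBits == null)
                {
                    using (var ecdsa = cert.GetECDsaPublicKey())
                    {
                        if (ecdsa != null)
                        {
                            keyBits = ecdsa.KeySize;
                        }
                    }
                }
                if (keyBits != null)
                {
                    Console.WriteLine($"Key Length: {keyBits} bits");
                }
                else
                {
                    Console.WriteLine("Key Length: unavailable for this key type");
                }

                // You can also access extensions
                foreach (X509Extension extension in cert.Extensions)
                {
                    Console.WriteLine($"Extension: {extension.Oid.FriendlyName} ({extension.Oid.Value})");
                }
            }
        }
        catch (System.Security.Cryptography.CryptographicException ex)
        {
            // Raised for an unreadable or corrupt file and for a wrong
            // password. Only the message is printed; avoid logging the
            // password or file contents alongside it.
            Console.WriteLine($"Error loading certificate: {ex.Message}");
        }
    }
}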
            

The X509Certificate2 class is fundamental for implementing secure network communications in .NET, enabling robust authentication and encryption mechanisms.