CertificateResource Class
Assembly: System.Net.Security.dll
Provides access to certificate resources, enabling programmatic retrieval and manipulation of X.509 certificates.
Remarks
The CertificateResource class is a fundamental component for managing digital certificates within the .NET Framework's networking and security infrastructure. It facilitates operations such as loading certificates from various storage locations (e.g., the Windows certificate store, file system), extracting certificate properties, and preparing certificates for use in secure communication protocols like SSL/TLS.
This class is particularly useful when you need fine-grained control over certificate selection and validation, such as in server applications that need to present specific server certificates or client applications that must authenticate themselves with client certificates. It plays a crucial role in ensuring secure and trusted communication channels.
Public Constructors
No public constructors are available for this class. Instances are typically obtained through factory methods or static properties.
Public Methods
Name | Description |
---|---|
Load(string certificateName) | Loads an X.509 certificate by its friendly name or thumbprint. Returns a CertificateResource object representing the loaded certificate. |
Load(StoreName storeName, StoreLocation storeLocation) | Loads the first certificate found in the specified certificate store. Returns a CertificateResource object. |
Export() | Exports the certificate in its raw byte format. |
GetSubjectName() | Retrieves the subject distinguished name of the certificate. |
GetIssuerName() | Retrieves the issuer distinguished name of the certificate. |
IsExpired() | Checks if the certificate has expired. Returns true if expired, false otherwise. |
Public Properties
Name | Description |
---|---|
Thumbprint | Gets the thumbprint (hash) of the certificate. |
NotBefore | Gets the date and time before which the certificate is not valid. |
NotAfter | Gets the date and time after which the certificate is not valid. |
SerialNumber | Gets the serial number of the certificate. |
Example Usage
The following example demonstrates how to load a certificate by its thumbprint and check if it is expired.
```csharp
using System;
using System.Net.Security;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

// Example: Replace with your actual certificate thumbprint
string certificateThumbprint = "YOUR_CERTIFICATE_THUMBPRINT_HERE";

try
{
    // If using CertificateResource directly for loading from store
    // var certificateResource = CertificateResource.Load(certificateThumbprint); // Assuming a Load overload exists

    // Alternative: if you had the cert as a base64 string
    // (e.g. "MIIC/jCCAeagAwIBAgIQQVjB5w..."), decode it instead:
    // X509Certificate2 cert = new X509Certificate2(
    //     Convert.FromBase64String("YOUR_BASE64_ENCODED_CERTIFICATE_STRING_HERE"));

    // Using X509Certificate2 directly is more common for direct operations:
    // look the certificate up by thumbprint in the current user's personal store.
    using var store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
    store.Open(OpenFlags.ReadOnly);
    X509Certificate2Collection matches = store.Certificates.Find(
        X509FindType.FindByThumbprint, certificateThumbprint, validOnly: false);

    if (matches.Count == 0)
    {
        Console.WriteLine("No certificate with that thumbprint was found.");
        return;
    }

    X509Certificate2 certificate = matches[0];

    // X509Certificate2 has no expiry flag; compare NotAfter (local time) with the clock.
    bool hasExpired = DateTime.Now > certificate.NotAfter;

    if (certificate.HasPrivateKey)
    {
        Console.WriteLine("Certificate has a private key.");
    }

    if (certificate.Subject.Contains("Your Expected Subject"))
    {
        Console.WriteLine("Certificate subject matches expected value.");
    }

    // Verify() builds the chain with the default validation policy.
    if (certificate.Verify() && !hasExpired)
    {
        Console.WriteLine("Certificate is valid and not expired.");
    }
    else if (hasExpired)
    {
        Console.WriteLine($"Certificate expired on: {certificate.NotAfter}");
    }
    else
    {
        Console.WriteLine("Certificate validation failed.");
    }
}
catch (CryptographicException ex)
{
    Console.WriteLine($"Error loading or validating certificate: {ex.Message}");
}
catch (Exception ex)
{
    Console.WriteLine($"An unexpected error occurred: {ex.Message}");
}
```
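The Remarks mention servers that must present a specific certificate, while `Load(StoreName, StoreLocation)` returns only the first certificate in a store. The following added example (not part of the original page, and written against the standard `X509Store` and `X509Certificate2` types rather than `CertificateResource`) selects a server certificate deliberately instead of by store order; the class and method names are hypothetical.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

// Hypothetical helper, not part of any .NET assembly.
static class ServerCertificatePicker
{
    const string ServerAuthOid = "1.3.6.1.5.5.7.3.1"; // id-kp-serverAuth

    // Returns the usable certificate for dnsName that stays valid longest,
    // or null when the store holds no suitable candidate.
    public static X509Certificate2 Pick(StoreName name, StoreLocation location, string dnsName)
    {
        using (var store = new X509Store(name, location))
        {
            // OpenExistingOnly: fail instead of silently creating an empty store.
            store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
            DateTime now = DateTime.Now; // NotBefore/NotAfter are local time

            return store.Certificates
                .Cast<X509Certificate2>()
                .Where(c => c.HasPrivateKey)                        // needed to act as a TLS server
                .Where(c => c.NotBefore <= now && now < c.NotAfter) // inside the validity window
                .Where(AllowsServerAuth)
                // GetNameInfo returns a single DNS name for the certificate.
                .Where(c => string.Equals(
                    c.GetNameInfo(X509NameType.DnsName, false),
                    dnsName, StringComparison.OrdinalIgnoreCase))
                .OrderByDescending(c => c.NotAfter)
                .FirstOrDefault();
        }
    }

    static bool AllowsServerAuth(X509Certificate2 cert)
    {
        var eku = cert.Extensions
            .OfType<X509EnhancedKeyUsageExtension>()
            .FirstOrDefault();
        if (eku == null)
        {
            return true; // no EKU extension: usage is not restricted
        }
        return eku.EnhancedKeyUsages.Cast<Oid>().Any(o => o.Value == ServerAuthOid);
    }
}
```

A null result should be treated as a startup failure rather than falling back to whatever certificate the store lists first.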
See Also
- SslStream Class
- X509Certificate2 Class
- ChasClientCertificate