CertificateIntrospection Class
Namespace: System.Net.Security
Assembly: System (in System.dll)
Overview
The CertificateIntrospection class provides static methods for inspecting the properties of an X.509 certificate without requiring the certificate to be installed in a certificate store. This is useful for scenarios where you need to validate or extract information from certificates programmatically, such as during client authentication or secure communication setup.
Remarks
CertificateIntrospection simplifies the process of accessing certificate details. Instead of complex cryptographic operations or store management, developers can directly query attributes like the subject name, issuer name, validity period, public key information, and extensions. This class promotes efficient and secure handling of certificate data in applications.
Methods
- GetSubjectName
  public static string GetSubjectName(X509Certificate2 certificate)
  Retrieves the subject name from the specified X.509 certificate.
- GetIssuerName
  public static string GetIssuerName(X509Certificate2 certificate)
  Retrieves the issuer name from the specified X.509 certificate.
- GetValidityPeriod
  public static System.Security.Cryptography.X509Certificates.X509ChainStatus[] GetValidityPeriod(X509Certificate2 certificate)
  Retrieves information about the validity period of the specified X.509 certificate.
- GetPublicKeyInfo
  public static string GetPublicKeyInfo(X509Certificate2 certificate)
  Retrieves details about the public key contained within the X.509 certificate.
- GetExtensions
  public static System.Security.Cryptography.X509Certificates.X509ExtensionCollection GetExtensions(X509Certificate2 certificate)
  Retrieves all extensions present in the specified X.509 certificate.
Example Usage
The following C# code demonstrates how to use the CertificateIntrospection class to retrieve information from an X.509 certificate.
using System;
using System.Security.Cryptography.X509Certificates;
using System.Net.Security;

public class CertificateInspector
{
    public static void InspectCertificate(string certificatePath)
    {
        try
        {
            // Load the certificate from a file. Loading only parses the
            // certificate; it does not verify its chain or revocation status.
            X509Certificate2 certificate = new X509Certificate2(certificatePath);
            Console.WriteLine($"--- Certificate Details for: {certificate.FriendlyName} ---");

            // Get Subject Name
            string subjectName = CertificateIntrospection.GetSubjectName(certificate);
            Console.WriteLine($"Subject Name: {subjectName}");

            // Get Issuer Name
            string issuerName = CertificateIntrospection.GetIssuerName(certificate);
            Console.WriteLine($"Issuer Name: {issuerName}");

            // Get Validity Period
            var validityInfo = CertificateIntrospection.GetValidityPeriod(certificate);
            Console.WriteLine("Validity Period:");
            foreach (var status in validityInfo)
            {
                Console.WriteLine($"- {status.Status}: {status.StatusInformation}");
            }
            Console.WriteLine($"Valid From: {certificate.NotBefore}");
            Console.WriteLine($"Valid To: {certificate.NotAfter}");

            // Get Public Key Info
            string publicKeyInfo = CertificateIntrospection.GetPublicKeyInfo(certificate);
            Console.WriteLine($"Public Key Info: {publicKeyInfo}");

            // Get Extensions
            X509ExtensionCollection extensions = CertificateIntrospection.GetExtensions(certificate);
            Console.WriteLine($"Number of Extensions: {extensions.Count}");
            foreach (X509Extension extension in extensions)
            {
                // Oid.FriendlyName can be empty for OIDs the platform does not recognize;
                // the dotted OID value is always printed alongside it.
                Console.WriteLine($" - {extension.Oid.FriendlyName} ({extension.Oid.Value})");
            }
            Console.WriteLine("--------------------------------------------");
        }
        catch (Exception ex)
        {
            Console.WriteLine($"Error inspecting certificate: {ex.Message}");
        }
    }

    // Example usage within a Main method
    public static void Main(string[] args)
    {
        // Replace with the actual path to your certificate file
        string certFilePath = "path/to/your/certificate.cer";
        InspectCertificate(certFilePath);
    }
}
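
Reading a certificate's fields does not establish that the certificate is trusted. The following added example is not part of the original reference and uses only the standard X509Certificate2 and X509Chain types, not CertificateIntrospection. It shows a self-signed certificate whose fields read cleanly while chain validation rejects it. The class name InspectVersusValidate and the subject CN=constructed.example are assumptions made for illustration, and CertificateRequest requires .NET Framework 4.7.2 or .NET Core 2.0 and later.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

public static class InspectVersusValidate
{
    // Builds a chain for the certificate; returns true only if the chain is trusted.
    public static bool IsTrusted(X509Certificate2 certificate, out X509ChainStatus[] problems)
    {
        using (var chain = new X509Chain())
        {
            // Skip revocation lookups so the example runs offline.
            chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
            bool ok = chain.Build(certificate);
            problems = chain.ChainStatus;
            return ok;
        }
    }

    public static void Main()
    {
        // Constructed sample: a throwaway self-signed certificate held only in memory.
        using (RSA key = RSA.Create(2048))
        {
            var request = new CertificateRequest("CN=constructed.example", key,
                HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
            DateTimeOffset now = DateTimeOffset.UtcNow;
            using (X509Certificate2 cert = request.CreateSelfSigned(now.AddDays(-1), now.AddDays(30)))
            {
                // Inspection: every field reads without error.
                Console.WriteLine($"Subject:   {cert.Subject}");
                Console.WriteLine($"Issuer:    {cert.Issuer}");
                Console.WriteLine($"Not after: {cert.NotAfter:u}");

                // Validation: the same certificate fails the trust decision,
                // because its root is not in any trusted store.
                bool trusted = IsTrusted(cert, out X509ChainStatus[] problems);
                Console.WriteLine($"Trusted:   {trusted}");
                foreach (X509ChainStatus p in problems)
                    Console.WriteLine($"  {p.Status}: {p.StatusInformation.Trim()}");
            }
        }
    }
}
```

In client authentication or connection setup, make the accept or reject decision on the chain result, and use the inspected fields only after that check has passed.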
Requirements
Namespace: System.Net.Security
Assembly: System.dll