Kompakte Beispiele für Import/Export. → Details: Import/Export-Szenarien
var cert = new X509Certificate2("certificate.pfx", "passwort"); // Zertifikat als PEM string certPem = cert.ExportCertificatePem(); File.WriteAllText("certificate.pem", certPem); // Private Key als PEM (verschlüsselt) using var key = cert.GetECDsaPrivateKey(); string keyPem = key.ExportEncryptedPkcs8PrivateKeyPem( "passwort"u8, new PbeParameters( PbeEncryptionAlgorithm.Aes256Cbc, HashAlgorithmName.SHA256, 100000)); File.WriteAllText("private.key", keyPem);
→ Details: PEM Export
// Export var cert = new X509Certificate2("certificate.pfx", "alt"); byte[] pfx = cert.Export(X509ContentType.Pfx, "neu"); File.WriteAllBytes("exported.pfx", pfx); // Import var imported = new X509Certificate2("exported.pfx", "neu", X509KeyStorageFlags.Exportable | X509KeyStorageFlags.PersistKeySet);
→ Details: PFX Export
// Export var chain = new X509Certificate2Collection(); chain.Add(endEntity); chain.Add(intermediate); chain.Add(root); byte[] p7b = chain.Export(X509ContentType.Pkcs7); File.WriteAllBytes("chain.p7b", p7b); // Import var imported = new X509Certificate2Collection(); imported.Import("chain.p7b");
→ Details: PKCS#7 Chain
// Für Java: PKCS#12 mit kompatiblen Algorithmen byte[] pfx = cert.Export(X509ContentType.Pfx, "passwort"); // Für OpenSSL: PEM-Format string pem = cert.ExportCertificatePem();
# OpenSSL: PEM → PKCS#12 openssl pkcs12 -export -in cert.pem -inkey key.pem -out cert.pfx # OpenSSL: PKCS#12 → PEM openssl pkcs12 -in cert.pfx -out cert.pem -nodes
→ Details: Interoperabilität
| Format | Extension | Inhalt |
|---|---|---|
| PEM | .pem, .crt, .key | Base64 mit Header |
| DER | .der, .cer | Binär |
| PFX/PKCS#12 | .pfx, .p12 | Cert + Key + Chain |
| PKCS#7 | .p7b, .p7c | Nur Zertifikate |
« ← Kurzreferenz | → Import/Export-Szenarien (Details) »
Wolfgang van der Stille @ EMSR DATA d.o.o. - Post-Quantum Cryptography Professional