Esempi compatti per Import/Export. → Dettagli: Scenari Import/Export
var cert = new X509Certificate2("certificate.pfx", "password"); // Certificato come PEM string certPem = cert.ExportCertificatePem(); File.WriteAllText("certificate.pem", certPem); // Chiave privata come PEM (cifrata) using var key = cert.GetECDsaPrivateKey(); string keyPem = key.ExportEncryptedPkcs8PrivateKeyPem( "password"u8, new PbeParameters( PbeEncryptionAlgorithm.Aes256Cbc, HashAlgorithmName.SHA256, 100000)); File.WriteAllText("private.key", keyPem);
→ Dettagli: Export PEM
// Export var cert = new X509Certificate2("certificate.pfx", "vecchia"); byte[] pfx = cert.Export(X509ContentType.Pfx, "nuova"); File.WriteAllBytes("exported.pfx", pfx); // Import var imported = new X509Certificate2("exported.pfx", "nuova", X509KeyStorageFlags.Exportable | X509KeyStorageFlags.PersistKeySet);
→ Dettagli: Export PFX
// Export var chain = new X509Certificate2Collection(); chain.Add(endEntity); chain.Add(intermediate); chain.Add(root); byte[] p7b = chain.Export(X509ContentType.Pkcs7); File.WriteAllBytes("chain.p7b", p7b); // Import var imported = new X509Certificate2Collection(); imported.Import("chain.p7b");
→ Dettagli: Catena PKCS#7
// Per Java: PKCS#12 con algoritmi compatibili byte[] pfx = cert.Export(X509ContentType.Pfx, "password"); // Per OpenSSL: Formato PEM string pem = cert.ExportCertificatePem();
# OpenSSL: PEM → PKCS#12 openssl pkcs12 -export -in cert.pem -inkey key.pem -out cert.pfx # OpenSSL: PKCS#12 → PEM openssl pkcs12 -in cert.pfx -out cert.pem -nodes
→ Dettagli: Interoperabilita
| Formato | Estensione | Contenuto |
|---|---|---|
| PEM | .pem, .crt, .key | Base64 con header |
| DER | .der, .cer | Binario |
| PFX/PKCS#12 | .pfx, .p12 | Cert + Key + Catena |
| PKCS#7 | .p7b, .p7c | Solo certificati |
« ← Riferimento rapido | → Scenari Import/Export (Dettagli) »
Wolfgang van der Stille @ EMSR DATA d.o.o. - Post-Quantum Cryptography Professional