X509Certificate2 X509Certificate2 X509Certificate2 X509Certificate2 Constructors

Definition

Overloads

X509Certificate2() X509Certificate2() X509Certificate2()

Initializes a new instance of the X509Certificate2 class.

X509Certificate2(String, String, X509KeyStorageFlags) X509Certificate2(String, String, X509KeyStorageFlags) X509Certificate2(String, String, X509KeyStorageFlags) X509Certificate2(String, String, X509KeyStorageFlags)

Initializes a new instance of the X509Certificate2 class using a certificate file name, a password used to access the certificate, and a key storage flag.

X509Certificate2(String, SecureString, X509KeyStorageFlags) X509Certificate2(String, SecureString, X509KeyStorageFlags) X509Certificate2(String, SecureString, X509KeyStorageFlags) X509Certificate2(String, SecureString, X509KeyStorageFlags)

Initializes a new instance of the X509Certificate2 class using a certificate file name, a password, and a key storage flag.

X509Certificate2(Byte[], String, X509KeyStorageFlags) X509Certificate2(Byte[], String, X509KeyStorageFlags) X509Certificate2(Byte[], String, X509KeyStorageFlags) X509Certificate2(Byte[], String, X509KeyStorageFlags)

Initializes a new instance of the X509Certificate2 class using a byte array, a password, and a key storage flag.

X509Certificate2(String, String) X509Certificate2(String, String) X509Certificate2(String, String) X509Certificate2(String, String)

Initializes a new instance of the X509Certificate2 class using a certificate file name and a password used to access the certificate.

X509Certificate2(String, SecureString) X509Certificate2(String, SecureString) X509Certificate2(String, SecureString) X509Certificate2(String, SecureString)

Initializes a new instance of the X509Certificate2 class using a certificate file name and a password.

X509Certificate2(SerializationInfo, StreamingContext) X509Certificate2(SerializationInfo, StreamingContext) X509Certificate2(SerializationInfo, StreamingContext) X509Certificate2(SerializationInfo, StreamingContext)

Initializes a new instance of the X509Certificate2 class using the specified serialization and stream context information.

X509Certificate2(Byte[], SecureString, X509KeyStorageFlags) X509Certificate2(Byte[], SecureString, X509KeyStorageFlags) X509Certificate2(Byte[], SecureString, X509KeyStorageFlags) X509Certificate2(Byte[], SecureString, X509KeyStorageFlags)

Initializes a new instance of the X509Certificate2 class using a byte array, a password, and a key storage flag.

X509Certificate2(Byte[], SecureString) X509Certificate2(Byte[], SecureString) X509Certificate2(Byte[], SecureString) X509Certificate2(Byte[], SecureString)

Initializes a new instance of the X509Certificate2 class using a byte array and a password.

X509Certificate2(String) X509Certificate2(String) X509Certificate2(String) X509Certificate2(String)

Initializes a new instance of the X509Certificate2 class using a certificate file name.

X509Certificate2(X509Certificate) X509Certificate2(X509Certificate) X509Certificate2(X509Certificate) X509Certificate2(X509Certificate)

Initializes a new instance of the X509Certificate2 class using an X509Certificate object.

X509Certificate2(IntPtr) X509Certificate2(IntPtr) X509Certificate2(IntPtr) X509Certificate2(IntPtr)

Initializes a new instance of the X509Certificate2 class using an unmanaged handle.

X509Certificate2(Byte[]) X509Certificate2(Byte[]) X509Certificate2(Byte[]) X509Certificate2(Byte[])

Initializes a new instance of the X509Certificate2 class using information from a byte array.

X509Certificate2(Byte[], String) X509Certificate2(Byte[], String) X509Certificate2(Byte[], String) X509Certificate2(Byte[], String)

Initializes a new instance of the X509Certificate2 class using a byte array and a password.

X509Certificate2() X509Certificate2() X509Certificate2()

Initializes a new instance of the X509Certificate2 class.

public:
 X509Certificate2();
public X509Certificate2 ();
Public Sub New ()

Examples

The following code example opens the current user certificate store, selects only active certificates, then allows the user to select one or more certificates. The example then writes certificate information to the console.

#using <System.dll>
#using <System.Security.dll>

using namespace System;
using namespace System::Security::Cryptography;
using namespace System::Security::Permissions;
using namespace System::IO;
using namespace System::Security::Cryptography::X509Certificates;
int main()
{
   try
   {
      X509Store ^ store = gcnew X509Store( "MY",StoreLocation::CurrentUser );
      store->Open( static_cast<OpenFlags>(OpenFlags::ReadOnly | OpenFlags::OpenExistingOnly) );
      X509Certificate2Collection ^ collection = dynamic_cast<X509Certificate2Collection^>(store->Certificates);
      X509Certificate2Collection ^ fcollection = dynamic_cast<X509Certificate2Collection^>(collection->Find( X509FindType::FindByTimeValid, DateTime::Now, false ));
      X509Certificate2Collection ^ scollection = X509Certificate2UI::SelectFromCollection(fcollection, "Test Certificate Select","Select a certificate from the following list to get information on that certificate",X509SelectionFlag::MultiSelection);
      Console::WriteLine( "Number of certificates: {0}{1}", scollection->Count, Environment::NewLine );
      System::Collections::IEnumerator^ myEnum = scollection->GetEnumerator();
      while ( myEnum->MoveNext() )
      {
         X509Certificate2 ^ x509 = safe_cast<X509Certificate2 ^>(myEnum->Current);
         array<Byte>^rawdata = x509->RawData;
         Console::WriteLine( "Content Type: {0}{1}", X509Certificate2::GetCertContentType( rawdata ), Environment::NewLine );
         Console::WriteLine( "Friendly Name: {0}{1}", x509->FriendlyName, Environment::NewLine );
         Console::WriteLine( "Certificate Verified?: {0}{1}", x509->Verify(), Environment::NewLine );
         Console::WriteLine( "Simple Name: {0}{1}", x509->GetNameInfo( X509NameType::SimpleName, true ), Environment::NewLine );
         Console::WriteLine( "Signature Algorithm: {0}{1}", x509->SignatureAlgorithm->FriendlyName, Environment::NewLine );
         Console::WriteLine( "Private Key: {0}{1}", x509->PrivateKey->ToXmlString( false ), Environment::NewLine );
         Console::WriteLine( "Public Key: {0}{1}", x509->PublicKey->Key->ToXmlString( false ), Environment::NewLine );
         Console::WriteLine( "Certificate Archived?: {0}{1}", x509->Archived, Environment::NewLine );
         Console::WriteLine( "Length of Raw Data: {0}{1}", x509->RawData->Length, Environment::NewLine );
         x509->Reset();
      }
      store->Close();
   }
   catch ( CryptographicException^ ) 
   {
      Console::WriteLine( "Information could not be written out for this certificate." );
   }

}

using System;
using System.Security.Cryptography;
using System.Security.Permissions;
using System.IO;
using System.Security.Cryptography.X509Certificates;

class CertSelect
{
    static void Main()
    {
        X509Store store = new X509Store("MY",StoreLocation.CurrentUser);
        store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);

        X509Certificate2Collection collection = (X509Certificate2Collection)store.Certificates;
        X509Certificate2Collection fcollection = (X509Certificate2Collection)collection.Find(X509FindType.FindByTimeValid,DateTime.Now,false);
        X509Certificate2Collection scollection = X509Certificate2UI.SelectFromCollection(fcollection, "Test Certificate Select","Select a certificate from the following list to get information on that certificate",X509SelectionFlag.MultiSelection);
        Console.WriteLine("Number of certificates: {0}{1}",scollection.Count,Environment.NewLine);

        foreach (X509Certificate2 x509 in scollection)
        {
            try
            {
                byte[] rawdata = x509.RawData;
                Console.WriteLine("Content Type: {0}{1}",X509Certificate2.GetCertContentType(rawdata),Environment.NewLine);
                Console.WriteLine("Friendly Name: {0}{1}",x509.FriendlyName,Environment.NewLine);
                Console.WriteLine("Certificate Verified?: {0}{1}",x509.Verify(),Environment.NewLine);
                Console.WriteLine("Simple Name: {0}{1}",x509.GetNameInfo(X509NameType.SimpleName,true),Environment.NewLine);
                Console.WriteLine("Signature Algorithm: {0}{1}",x509.SignatureAlgorithm.FriendlyName,Environment.NewLine);
                Console.WriteLine("Private Key: {0}{1}",x509.PrivateKey.ToXmlString(false),Environment.NewLine);
                Console.WriteLine("Public Key: {0}{1}",x509.PublicKey.Key.ToXmlString(false),Environment.NewLine);
                Console.WriteLine("Certificate Archived?: {0}{1}",x509.Archived,Environment.NewLine);
                Console.WriteLine("Length of Raw Data: {0}{1}",x509.RawData.Length,Environment.NewLine);
                X509Certificate2UI.DisplayCertificate(x509);
                x509.Reset();
            }
            catch (CryptographicException)
            {
                Console.WriteLine("Information could not be written out for this certificate.");
            }
        }
        store.Close();
    }
}
Imports System
Imports System.Security.Cryptography
Imports System.Security.Permissions
Imports System.IO
Imports System.Security.Cryptography.X509Certificates

Class CertSelect

    Shared Sub Main()

        Dim store As New X509Store("MY", StoreLocation.CurrentUser)
        store.Open(OpenFlags.ReadOnly Or OpenFlags.OpenExistingOnly)

        Dim collection As X509Certificate2Collection = CType(store.Certificates, X509Certificate2Collection)
        Dim fcollection As X509Certificate2Collection = CType(collection.Find(X509FindType.FindByTimeValid, DateTime.Now, False), X509Certificate2Collection)
        Dim scollection As X509Certificate2Collection = X509Certificate2UI.SelectFromCollection(fcollection, "Test Certificate Select", "Select a certificate from the following list to get information on that certificate", X509SelectionFlag.MultiSelection)
        Console.WriteLine("Number of certificates: {0}{1}", scollection.Count, Environment.NewLine)
         
        For Each x509 As X509Certificate2 In scollection
            Try
                Dim rawdata As Byte() = x509.RawData
                Console.WriteLine("Content Type: {0}{1}", X509Certificate2.GetCertContentType(rawdata), Environment.NewLine)
                Console.WriteLine("Friendly Name: {0}{1}", x509.FriendlyName, Environment.NewLine)
                Console.WriteLine("Certificate Verified?: {0}{1}", x509.Verify(), Environment.NewLine)
                Console.WriteLine("Simple Name: {0}{1}", x509.GetNameInfo(X509NameType.SimpleName, True), Environment.NewLine)
                Console.WriteLine("Signature Algorithm: {0}{1}", x509.SignatureAlgorithm.FriendlyName, Environment.NewLine)
                Console.WriteLine("Private Key: {0}{1}", x509.PrivateKey.ToXmlString(False), Environment.NewLine)
                Console.WriteLine("Public Key: {0}{1}", x509.PublicKey.Key.ToXmlString(False), Environment.NewLine)
                Console.WriteLine("Certificate Archived?: {0}{1}", x509.Archived, Environment.NewLine)
                Console.WriteLine("Length of Raw Data: {0}{1}", x509.RawData.Length, Environment.NewLine)
                X509Certificate2UI.DisplayCertificate(x509)
                x509.Reset()         
             Catch cExcept As CryptographicException
                 Console.WriteLine("Information could not be written out for this certificate.")
             End Try
        Next x509

        store.Close()
    End Sub
End Class

Remarks

This constructor creates an empty X509Certificate2 object, unlike the other constructors for this class that use certificate information from a byte array, a pointer, or a certificate file.

X509Certificate2(String, String, X509KeyStorageFlags) X509Certificate2(String, String, X509KeyStorageFlags) X509Certificate2(String, String, X509KeyStorageFlags) X509Certificate2(String, String, X509KeyStorageFlags)

Initializes a new instance of the X509Certificate2 class using a certificate file name, a password used to access the certificate, and a key storage flag.

public:
 X509Certificate2(System::String ^ fileName, System::String ^ password, System::Security::Cryptography::X509Certificates::X509KeyStorageFlags keyStorageFlags);
public X509Certificate2 (string fileName, string password, System.Security.Cryptography.X509Certificates.X509KeyStorageFlags keyStorageFlags);
new System.Security.Cryptography.X509Certificates.X509Certificate2 : string * string * System.Security.Cryptography.X509Certificates.X509KeyStorageFlags -> System.Security.Cryptography.X509Certificates.X509Certificate2
Public Sub New (fileName As String, password As String, keyStorageFlags As X509KeyStorageFlags)
Parameters
fileName
String String String String

The name of a certificate file.

password
String String String String

The password required to access the X.509 certificate data.

keyStorageFlags
X509KeyStorageFlags X509KeyStorageFlags X509KeyStorageFlags X509KeyStorageFlags

A bitwise combination of the enumeration values that control where and how to import the certificate.

Exceptions

An error with the certificate occurs. For example:

  • The certificate file does not exist.

  • The certificate is invalid.

  • The certificate's password is incorrect.

Remarks

This constructor creates a new X509Certificate2 object using a certificate file name, a password needed to access the certificate, and a key storage flag.

Important

Never hard code a password within your source code. Hard-coded passwords can be retrieved from an assembly using the Ildasm.exe (IL Disassembler), a hex editor, or by simply opening up the assembly in a text editor such as Notepad.exe.

If you create an X509Certificate2 certificate by specifying a PKCS7 signed file store for fileName, the X509Certificate2 is created for the certificate that signed the store rather than for any of the certificates within the store.

Security

SecurityPermission
for accessing unmanaged code. Security action: InheritanceDemand. Associated enumeration: UnmanagedCode

X509Certificate2(String, SecureString, X509KeyStorageFlags) X509Certificate2(String, SecureString, X509KeyStorageFlags) X509Certificate2(String, SecureString, X509KeyStorageFlags) X509Certificate2(String, SecureString, X509KeyStorageFlags)

Important

This API is not CLS-compliant.

Initializes a new instance of the X509Certificate2 class using a certificate file name, a password, and a key storage flag.

public:
 X509Certificate2(System::String ^ fileName, System::Security::SecureString ^ password, System::Security::Cryptography::X509Certificates::X509KeyStorageFlags keyStorageFlags);
[System.CLSCompliant(false)]
public X509Certificate2 (string fileName, System.Security.SecureString password, System.Security.Cryptography.X509Certificates.X509KeyStorageFlags keyStorageFlags);
new System.Security.Cryptography.X509Certificates.X509Certificate2 : string * System.Security.SecureString * System.Security.Cryptography.X509Certificates.X509KeyStorageFlags -> System.Security.Cryptography.X509Certificates.X509Certificate2
Public Sub New (fileName As String, password As SecureString, keyStorageFlags As X509KeyStorageFlags)
Parameters
fileName
String String String String

The name of a certificate file.

password
SecureString SecureString SecureString SecureString

The password required to access the X.509 certificate data.

keyStorageFlags
X509KeyStorageFlags X509KeyStorageFlags X509KeyStorageFlags X509KeyStorageFlags

A bitwise combination of the enumeration values that control where and how to import the certificate.

Exceptions

An error with the certificate occurs. For example:

  • The certificate file does not exist.

  • The certificate is invalid.

  • The certificate's password is incorrect.

Remarks

If you create an X509Certificate certificate by specifying a PKCS7 signed file store for fileName, the X509Certificate is created for the certificate that signed the store rather than for any of the certificates within the store.

Security

SecurityPermission
for accessing unmanaged code. Security action: InheritanceDemand. Associated enumeration: UnmanagedCode

X509Certificate2(Byte[], String, X509KeyStorageFlags) X509Certificate2(Byte[], String, X509KeyStorageFlags) X509Certificate2(Byte[], String, X509KeyStorageFlags) X509Certificate2(Byte[], String, X509KeyStorageFlags)

Initializes a new instance of the X509Certificate2 class using a byte array, a password, and a key storage flag.

public:
 X509Certificate2(cli::array <System::Byte> ^ rawData, System::String ^ password, System::Security::Cryptography::X509Certificates::X509KeyStorageFlags keyStorageFlags);
public X509Certificate2 (byte[] rawData, string password, System.Security.Cryptography.X509Certificates.X509KeyStorageFlags keyStorageFlags);
new System.Security.Cryptography.X509Certificates.X509Certificate2 : byte[] * string * System.Security.Cryptography.X509Certificates.X509KeyStorageFlags -> System.Security.Cryptography.X509Certificates.X509Certificate2
Public Sub New (rawData As Byte(), password As String, keyStorageFlags As X509KeyStorageFlags)
Parameters
rawData
Byte[]

A byte array containing data from an X.509 certificate.

password
String String String String

The password required to access the X.509 certificate data.

keyStorageFlags
X509KeyStorageFlags X509KeyStorageFlags X509KeyStorageFlags X509KeyStorageFlags

A bitwise combination of the enumeration values that control where and how to import the certificate.

Exceptions

An error with the certificate occurs. For example:

  • The certificate file does not exist.

  • The certificate is invalid.

  • The certificate's password is incorrect.

Remarks

This constructor creates a new X509Certificate2 object using a byte array, a password that is needed to access the certificate data, and a key storage flag. It is used with PKCS12 (PFX) files that contain the certificate's private key. Calling this constructor with the correct password decrypts the private key and saves it to a Microsoft Cryptographic API Cryptographic Service Provider (CSP).

Important

Never hard code a password within your source code. Hard-coded passwords can be retrieved from an assembly using the Ildasm.exe (IL Disassembler), a hex editor, or by simply opening up the assembly in a text editor such as Notepad.exe.

If you create an X509Certificate2 certificate by specifying a PKCS7 signed file store for rawData, the X509Certificate2 is created for the certificate that signed the store rather than for any of the certificates within the store.

Security

SecurityPermission
for accessing unmanaged code. Security action: InheritanceDemand. Associated enumeration: UnmanagedCode

X509Certificate2(String, String) X509Certificate2(String, String) X509Certificate2(String, String) X509Certificate2(String, String)

Initializes a new instance of the X509Certificate2 class using a certificate file name and a password used to access the certificate.

public:
 X509Certificate2(System::String ^ fileName, System::String ^ password);
public X509Certificate2 (string fileName, string password);
new System.Security.Cryptography.X509Certificates.X509Certificate2 : string * string -> System.Security.Cryptography.X509Certificates.X509Certificate2
Public Sub New (fileName As String, password As String)
Parameters
fileName
String String String String

The name of a certificate file.

password
String String String String

The password required to access the X.509 certificate data.

Exceptions

An error with the certificate occurs. For example:

  • The certificate file does not exist.

  • The certificate is invalid.

  • The certificate's password is incorrect.

Remarks

This constructor creates a new X509Certificate2 object using a certificate file name and a password needed to access the certificate. It is used with PKCS12 (PFX) files that contain the certificate's private key. Calling this constructor with the correct password decrypts the private key and saves it to a key container.

Important

Never hard code a password within your source code. Hard-coded passwords can be retrieved from an assembly using the Ildasm.exe (IL Disassembler), a hex editor, or by simply opening up the assembly in a text editor such as Notepad.exe.

If you create an X509Certificate2 certificate by specifying a PKCS7 signed file store for fileName, the X509Certificate2 is created for the certificate that signed the store rather than for any of the certificates within the store.

Security

SecurityPermission
for accessing unmanaged code. Security action: InheritanceDemand. Associated enumeration: UnmanagedCode

X509Certificate2(String, SecureString) X509Certificate2(String, SecureString) X509Certificate2(String, SecureString) X509Certificate2(String, SecureString)

Important

This API is not CLS-compliant.

Initializes a new instance of the X509Certificate2 class using a certificate file name and a password.

public:
 X509Certificate2(System::String ^ fileName, System::Security::SecureString ^ password);
[System.CLSCompliant(false)]
public X509Certificate2 (string fileName, System.Security.SecureString password);
new System.Security.Cryptography.X509Certificates.X509Certificate2 : string * System.Security.SecureString -> System.Security.Cryptography.X509Certificates.X509Certificate2
Public Sub New (fileName As String, password As SecureString)
Parameters
fileName
String String String String

The name of a certificate file.

password
SecureString SecureString SecureString SecureString

The password required to access the X.509 certificate data.

Exceptions

An error with the certificate occurs. For example:

  • The certificate file does not exist.

  • The certificate is invalid.

  • The certificate's password is incorrect.

Remarks

This constructor is used with PKCS12 (PFX) files that contain the certificate's private key. Calling this constructor with the correct password decrypts the private key and saves it to a key container.

Important

Never hard code a password within your source code. Hard-coded passwords can be retrieved from an assembly using the Ildasm.exe (IL Disassembler), a hex editor, or by simply opening up the assembly in a text editor such as Notepad.exe.

If you create an X509Certificate certificate by specifying a PKCS7 signed file store for fileName, the X509Certificate is created for the certificate that signed the store rather than for any of the certificates within the store.

Security

SecurityPermission
for accessing unmanaged code. Security action: InheritanceDemand. Associated enumeration: UnmanagedCode

X509Certificate2(SerializationInfo, StreamingContext) X509Certificate2(SerializationInfo, StreamingContext) X509Certificate2(SerializationInfo, StreamingContext) X509Certificate2(SerializationInfo, StreamingContext)

Initializes a new instance of the X509Certificate2 class using the specified serialization and stream context information.

protected:
 X509Certificate2(System::Runtime::Serialization::SerializationInfo ^ info, System::Runtime::Serialization::StreamingContext context);
protected X509Certificate2 (System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context);
new System.Security.Cryptography.X509Certificates.X509Certificate2 : System.Runtime.Serialization.SerializationInfo * System.Runtime.Serialization.StreamingContext -> System.Security.Cryptography.X509Certificates.X509Certificate2
Protected Sub New (info As SerializationInfo, context As StreamingContext)
Parameters
info
SerializationInfo SerializationInfo SerializationInfo SerializationInfo

The serialization information required to deserialize the new X509Certificate2.

context
StreamingContext StreamingContext StreamingContext StreamingContext

Contextual information about the source of the stream to be deserialized.

Security

SecurityPermission
for accessing unmanaged code. Security action: InheritanceDemand. Associated enumeration: UnmanagedCode

X509Certificate2(Byte[], SecureString, X509KeyStorageFlags) X509Certificate2(Byte[], SecureString, X509KeyStorageFlags) X509Certificate2(Byte[], SecureString, X509KeyStorageFlags) X509Certificate2(Byte[], SecureString, X509KeyStorageFlags)

Important

This API is not CLS-compliant.

Initializes a new instance of the X509Certificate2 class using a byte array, a password, and a key storage flag.

public:
 X509Certificate2(cli::array <System::Byte> ^ rawData, System::Security::SecureString ^ password, System::Security::Cryptography::X509Certificates::X509KeyStorageFlags keyStorageFlags);
[System.CLSCompliant(false)]
public X509Certificate2 (byte[] rawData, System.Security.SecureString password, System.Security.Cryptography.X509Certificates.X509KeyStorageFlags keyStorageFlags);
new System.Security.Cryptography.X509Certificates.X509Certificate2 : byte[] * System.Security.SecureString * System.Security.Cryptography.X509Certificates.X509KeyStorageFlags -> System.Security.Cryptography.X509Certificates.X509Certificate2
Public Sub New (rawData As Byte(), password As SecureString, keyStorageFlags As X509KeyStorageFlags)
Parameters
rawData
Byte[]

A byte array that contains data from an X.509 certificate.

password
SecureString SecureString SecureString SecureString

The password required to access the X.509 certificate data.

keyStorageFlags
X509KeyStorageFlags X509KeyStorageFlags X509KeyStorageFlags X509KeyStorageFlags

A bitwise combination of the enumeration values that control where and how to import the certificate.

Exceptions

An error with the certificate occurs. For example:

  • The certificate file does not exist.

  • The certificate is invalid.

  • The certificate's password is incorrect.

Remarks

This constructor is used with PKCS12 (PFX) files that contain the certificate's private key. Calling this constructor with the correct password decrypts the private key and saves it to a Microsoft Cryptographic API Cryptographic Service Provider (CSP).

Important

Never hard code a password within your source code. Hard-coded passwords can be retrieved from an assembly using the Ildasm.exe (IL Disassembler), a hex editor, or by simply opening up the assembly in a text editor such as Notepad.exe.

If you create an X509Certificate certificate by specifying a PKCS7 signed file store for rawData, the X509Certificate is created for the certificate that signed the store rather than for any of the certificates within the store.

Security

SecurityPermission
for accessing unmanaged code. Security action: InheritanceDemand. Associated enumeration: UnmanagedCode

X509Certificate2(Byte[], SecureString) X509Certificate2(Byte[], SecureString) X509Certificate2(Byte[], SecureString) X509Certificate2(Byte[], SecureString)

Important

This API is not CLS-compliant.

Initializes a new instance of the X509Certificate2 class using a byte array and a password.

public:
 X509Certificate2(cli::array <System::Byte> ^ rawData, System::Security::SecureString ^ password);
[System.CLSCompliant(false)]
public X509Certificate2 (byte[] rawData, System.Security.SecureString password);
new System.Security.Cryptography.X509Certificates.X509Certificate2 : byte[] * System.Security.SecureString -> System.Security.Cryptography.X509Certificates.X509Certificate2
Public Sub New (rawData As Byte(), password As SecureString)
Parameters
rawData
Byte[]

A byte array that contains data from an X.509 certificate.

password
SecureString SecureString SecureString SecureString

The password required to access the X.509 certificate data.

Exceptions

An error with the certificate occurs. For example:

  • The certificate file does not exist.

  • The certificate is invalid.

  • The certificate's password is incorrect.

Remarks

This constructor is used with PKCS12 (PFX) files that contain the certificate's private key. Calling this constructor with the correct password decrypts the private key and saves it to a key container.

Important

Never hard code a password within your source code. Hard-coded passwords can be retrieved from an assembly using the Ildasm.exe (IL Disassembler), a hex editor, or by simply opening up the assembly in a text editor such as Notepad.exe.

If you create an X509Certificate certificate by specifying a PKCS7 signed file store for rawData, the X509Certificate is created for the certificate that signed the store rather than for any of the certificates within the store.

Security

SecurityPermission
for accessing unmanaged code. Security action: InheritanceDemand. Associated enumeration: UnmanagedCode

X509Certificate2(String) X509Certificate2(String) X509Certificate2(String) X509Certificate2(String)

Initializes a new instance of the X509Certificate2 class using a certificate file name.

public:
 X509Certificate2(System::String ^ fileName);
public X509Certificate2 (string fileName);
new System.Security.Cryptography.X509Certificates.X509Certificate2 : string -> System.Security.Cryptography.X509Certificates.X509Certificate2
Public Sub New (fileName As String)
Parameters
fileName
String String String String

The name of a certificate file.

Exceptions

An error with the certificate occurs. For example:

  • The certificate file does not exist.

  • The certificate is invalid.

  • The certificate's password is incorrect.

Remarks

This constructor creates a new X509Certificate2 object using a certificate file name. It supports binary (DER) encoding or Base64 encoding.

If you create an X509Certificate2 certificate by specifying a PKCS7 signed file store for fileName, the X509Certificate2 is created for the certificate that signed the store rather than for any of the certificates within the store.

X509Certificate2(X509Certificate) X509Certificate2(X509Certificate) X509Certificate2(X509Certificate) X509Certificate2(X509Certificate)

Initializes a new instance of the X509Certificate2 class using an X509Certificate object.

public:
 X509Certificate2(System::Security::Cryptography::X509Certificates::X509Certificate ^ certificate);
public X509Certificate2 (System.Security.Cryptography.X509Certificates.X509Certificate certificate);
new System.Security.Cryptography.X509Certificates.X509Certificate2 : System.Security.Cryptography.X509Certificates.X509Certificate -> System.Security.Cryptography.X509Certificates.X509Certificate2
Public Sub New (certificate As X509Certificate)
Parameters
Exceptions

An error with the certificate occurs. For example:

  • The certificate file does not exist.

  • The certificate is invalid.

  • The certificate's password is incorrect.

Remarks

This method creates a new instance of the X509Certificate2 class using an X509Certificate object.

Security

SecurityPermission
for accessing unmanaged code. Security action: InheritanceDemand. Associated enumeration: UnmanagedCode

X509Certificate2(IntPtr) X509Certificate2(IntPtr) X509Certificate2(IntPtr) X509Certificate2(IntPtr)

Initializes a new instance of the X509Certificate2 class using an unmanaged handle.

public:
 X509Certificate2(IntPtr handle);
public X509Certificate2 (IntPtr handle);
new System.Security.Cryptography.X509Certificates.X509Certificate2 : nativeint -> System.Security.Cryptography.X509Certificates.X509Certificate2
Public Sub New (handle As IntPtr)
Parameters
handle
IntPtr IntPtr IntPtr IntPtr

A pointer to a certificate context in unmanaged code. The C structure is called PCCERT_CONTEXT.

Exceptions

An error with the certificate occurs. For example:

  • The certificate file does not exist.

  • The certificate is invalid.

  • The certificate's password is incorrect.

Remarks

This constructor creates a new X509Certificate2 object using a handle for the Microsoft Cryptographic API certificate context, PCCERT_CONTEXT. Note that the immediate caller of this constructor requires unmanaged code permission.

Important

The constructor creates a copy of the certificate context. Do not assume that the context structure you passed to the constructor is valid; it may have been released. You can get a copy of the current PCCERT_CONTEXT structure from the Handle property, but it is valid only during the lifetime of the X509Certificate2 object.

Security

SecurityPermission
for accessing unmanaged code. Security action: InheritanceDemand. Associated enumeration: UnmanagedCode

X509Certificate2(Byte[]) X509Certificate2(Byte[]) X509Certificate2(Byte[]) X509Certificate2(Byte[])

Initializes a new instance of the X509Certificate2 class using information from a byte array.

public:
 X509Certificate2(cli::array <System::Byte> ^ rawData);
public X509Certificate2 (byte[] rawData);
new System.Security.Cryptography.X509Certificates.X509Certificate2 : byte[] -> System.Security.Cryptography.X509Certificates.X509Certificate2
Public Sub New (rawData As Byte())
Parameters
rawData
Byte[]

A byte array containing data from an X.509 certificate.

Exceptions

An error with the certificate occurs. For example:

  • The certificate file does not exist.

  • The certificate is invalid.

  • The certificate's password is incorrect.

Remarks

This constructor creates a new X509Certificate2 object using certificate information from a byte array. The byte array can be binary (DER) encoded or Base64-encoded X.509 data. The byte array can also be a PKCS7 (Authenticode) signed file; the signer certificate is used to create the object.

If you create an X509Certificate2 certificate by specifying a PKCS7 signed file store for rawData, the X509Certificate2 is created for the certificate that signed the store rather than for any of the certificates within the store.

X509Certificate2(Byte[], String) X509Certificate2(Byte[], String) X509Certificate2(Byte[], String) X509Certificate2(Byte[], String)

Initializes a new instance of the X509Certificate2 class using a byte array and a password.

public:
 X509Certificate2(cli::array <System::Byte> ^ rawData, System::String ^ password);
public X509Certificate2 (byte[] rawData, string password);
new System.Security.Cryptography.X509Certificates.X509Certificate2 : byte[] * string -> System.Security.Cryptography.X509Certificates.X509Certificate2
Public Sub New (rawData As Byte(), password As String)
Parameters
rawData
Byte[]

A byte array containing data from an X.509 certificate.

password
String String String String

The password required to access the X.509 certificate data.

Exceptions

An error with the certificate occurs. For example:

  • The certificate file does not exist.

  • The certificate is invalid.

  • The certificate's password is incorrect.

Remarks

This constructor creates a new X509Certificate2 object using a byte array and a password that is needed to access the certificate data. It is used with PKCS12 (PFX) files that contain the certificate's private key. Calling this constructor with the correct password decrypts the private key and saves it to a key container.

Important

Never hard code a password within your source code. Hard-coded passwords can be retrieved from an assembly using the Ildasm.exe (IL Disassembler), a hex editor, or by simply opening up the assembly in a text editor such as Notepad.exe.

If you create an X509Certificate2 certificate by specifying a PKCS7 signed file store for rawData, the X509Certificate2 is created for the certificate that signed the store rather than for any of the certificates within the store.

Security

SecurityPermission
for accessing unmanaged code. Security action: InheritanceDemand. Associated enumeration: UnmanagedCode

Applies to