X509Certificate2.CreateFromEncryptedPemFile(String, ReadOnlySpan<Char>, String) 方法

定義

從 RFC 7468 PEM 編碼憑證與受密碼保護之私密金鑰的檔案內容建立新的 X509 憑證。Creates a new X509 certificate from the file contents of an RFC 7468 PEM-encoded certificate and password protected private key.

public static System.Security.Cryptography.X509Certificates.X509Certificate2 CreateFromEncryptedPemFile (string certPemFilePath, ReadOnlySpan<char>? password, string? keyPemFilePath = default);
static member CreateFromEncryptedPemFile : string * ReadOnlySpan<char> * string -> System.Security.Cryptography.X509Certificates.X509Certificate2
Public Shared Function CreateFromEncryptedPemFile (certPemFilePath As String, password As ReadOnlySpan(Of Char), Optional keyPemFilePath As String = Nothing) As X509Certificate2

參數

certPemFilePath
String

PEM 編碼 X509 憑證的路徑。The path for the PEM-encoded X509 certificate.

password
ReadOnlySpan<Char>

已加密 PEM 的密碼。The password for the encrypted PEM.

keyPemFilePath
String

若指定,則為受密碼保護之 PEM 編碼私密金鑰的路徑。If specified, the path for the password protected PEM-encoded private key. 若未指定,將會使用 certPemFilePath 檔案來載入私密金鑰。If unspecified, the certPemFilePath file will be used to load the private key.

傳回

X509Certificate2

含私密金鑰的新憑證。A new certificate with the private key.

例外狀況

certPemFilePath 中檔案路徑的內容並不包含 PEM 編碼憑證,或其格式不正確。The contents of the file path in certPemFilePath do not contain a PEM-encoded certificate, or it is malformed.

-或--or-

keyPemFilePath 的檔案路徑內容並不包含受密碼保護的 PEM 編碼私密金鑰,或其格式不正確。The contents of the file path in keyPemFilePath do not contain a password protected PEM-encoded private key, or it is malformed.

-或--or-

keyPemFilePath 的檔案路徑內容包含不符合憑證中公開金鑰的金鑰。The contents of the file path in keyPemFilePath contains a key that does not match the public key in the certificate.

-或--or-

憑證使用未知的公開金鑰演算法。The certificate uses an unknown public key algorithm.

-或--or-

針對私密金鑰指定的密碼不正確。The password specified for the private key is incorrect.

certPemFilePathnullcertPemFilePath is null.

備註

ReadAllText(String)如需可擲回之例外狀況的其他檔,請參閱。See ReadAllText(String) for additional documentation about exceptions that can be thrown.

受密碼保護的 PEM 編碼金鑰一律應具有 PEM 標籤「加密的私密金鑰」。Password protected PEM-encoded keys are always expected to have the PEM label "ENCRYPTED PRIVATE KEY".

會忽略具有不同標籤的 PEM 編碼專案。PEM-encoded items that have a different label are ignored.

結合 PEM 編碼的憑證和金鑰不需要特定的順序。Combined PEM-encoded certificates and keys do not require a specific order. 對於憑證,會載入具有憑證標籤的第一個憑證。For the certificate, the the first certificate with a CERTIFICATE label is loaded. 針對私密金鑰,會載入具有「加密的私密金鑰」標籤的第一個私密金鑰。For the private key, the first private key with the label "ENCRYPTED PRIVATE KEY" is loaded. 載入憑證和私密金鑰的更先進案例可以利用 PemEncoding 來列舉 PEM 編碼的值,並套用任何自訂載入行為。More advanced scenarios for loading certificates and private keys can leverage PemEncoding to enumerate PEM-encoded values and apply any custom loading behavior.

針對沒有密碼的 PEM 編碼的金鑰,請使用 CreateFromPemFile(String, String)For PEM-encoded keys without a password, use CreateFromPemFile(String, String).

適用於