X509Certificate2.CreateFromPem(ReadOnlySpan<Char>, ReadOnlySpan<Char>) 方法


從 RFC 7468 PEM 編碼憑證與私密金鑰的內容建立新的 X509 憑證。Creates a new X509 certificate from the contents of an RFC 7468 PEM-encoded certificate and private key.

 static System::Security::Cryptography::X509Certificates::X509Certificate2 ^ CreateFromPem(ReadOnlySpan<char> certPem, ReadOnlySpan<char> keyPem);
public static System.Security.Cryptography.X509Certificates.X509Certificate2? CreateFromPem (ReadOnlySpan<char> certPem, ReadOnlySpan<char> keyPem);
static member CreateFromPem : ReadOnlySpan<char> * ReadOnlySpan<char> -> System.Security.Cryptography.X509Certificates.X509Certificate2
Public Shared Function CreateFromPem (certPem As ReadOnlySpan(Of Char), keyPem As ReadOnlySpan(Of Char)) As X509Certificate2



PEM 編碼 X509 憑證的文字。The text of the PEM-encoded X509 certificate.


PEM 編碼私密金鑰的文字。The text of the PEM-encoded private key.



含私密金鑰的新憑證。A new certificate with the private key.


certPem 的內容並不包含 PEM 編碼的憑證,或其格式不正確。The contents of certPem do not contain a PEM-encoded certificate, or it is malformed.


keyPem 其內容並不包含 PEM 編碼私密金鑰,或其格式不正確。The contents of keyPem do not contain a PEM-encoded private key, or it is malformed.


keyPem 其內容包含不符合憑證中公開金鑰的金鑰。The contents of keyPem contains a key that does not match the public key in the certificate.


憑證使用未知的公開金鑰演算法。The certificate uses an unknown public key algorithm.


來自憑證的 SubjectPublicKeyInfo 可決定要為私密金鑰接受哪些 PEM 標籤。The SubjectPublicKeyInfo from the certificate determines what PEM labels are accepted for the private key. 針對 RSA 憑證,接受的私密金鑰 PEM 標籤為「RSA 私密金鑰」和「私密金鑰」。For RSA certificates, accepted private key PEM labels are "RSA PRIVATE KEY" and "PRIVATE KEY". 對於 ECDSA 憑證,接受的私密金鑰 PEM 標籤是 "EC 私密金鑰" 和 "私密金鑰"。For ECDSA certificates, accepted private key PEM labels are "EC PRIVATE KEY" and "PRIVATE KEY". 若為 DSA 憑證,接受的私密金鑰 PEM 標籤為「私密金鑰」。For DSA certificates, the accepted private key PEM label is "PRIVATE KEY".

會忽略具有不同標籤的 PEM 編碼專案。PEM-encoded items that have a different label are ignored.

如果 PEM 編碼的憑證和私密金鑰是以相同的文字表示,則針對和使用相同的字串 certPemkeyPem 例如, CreateFromPem(combinedCertAndKey, combinedCertAndKey);If the PEM-encoded certificate and private key are in the same text, use the same string for both certPem and keyPem, for example, CreateFromPem(combinedCertAndKey, combinedCertAndKey);. 結合 PEM 編碼的憑證和金鑰不需要特定的順序。Combined PEM-encoded certificates and keys do not require a specific order. 對於憑證,會載入具有憑證標籤的第一個憑證。For the certificate, the the first certificate with a CERTIFICATE label is loaded. 針對私密金鑰,會載入具有可接受標籤的第一個私密金鑰。For the private key, the first private key with an acceptable label is loaded. 載入憑證和私密金鑰的更先進案例可以利用 PemEncoding 來列舉 PEM 編碼的值,並套用任何自訂載入行為。More advanced scenarios for loading certificates and private keys can leverage PemEncoding to enumerate PEM-encoded values and apply any custom loading behavior.

針對受密碼保護的 PEM 編碼金鑰,請使用 CreateFromEncryptedPem(ReadOnlySpan<Char>, ReadOnlySpan<Char>, ReadOnlySpan<Char>) 來指定密碼。For password protected PEM-encoded keys, use CreateFromEncryptedPem(ReadOnlySpan<Char>, ReadOnlySpan<Char>, ReadOnlySpan<Char>) to specify a password.