Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Using C# to extract publick key from pfx file without a password

Posted on 2016-10-18
2
Medium Priority
?
562 Views
Last Modified: 2016-10-22
I want to know if it is possible, and how, to use C# to extract publick keys from pfx files without a password. I understand the password is there to protect the private key, so the public keys should be available without the password right?
0
Comment
Question by:itnifl
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 65

Accepted Solution

by:
btan earned 2000 total points
ID: 41849524
You still need password as pfx is protected by password. Your can extract if it is plain pem or crt but no pfx without password.  You should be able to get a collection object containing the certs in your .pfx file by using the X509Certificate2Collection class
string certPath = <YOUR PFX FILE PATH>;
string certPass = <YOUR PASSWORD>;

// Create a collection object and populate it using the PFX file
X509Certificate2Collection collection = new X509Certificate2Collection();
collection.Import(certPath, certPass, X509KeyStorageFlags.PersistKeySet);

foreach (X509Certificate2 cert in collection)
{
    Console.WriteLine("Subject is: '{0}'", cert.Subject);
    Console.WriteLine("Issuer is:  '{0}'", cert.Issuer);

    // Import the certificates into X509Store objects
}
In .NET, the X509Certificate2 object has properties for the PublicKey and PrivateKey. But that's largely for convenience. A certificate is something you are supposed to present to someone to prove something, and by design, it's only the public portion of the public/private key pair that is ever presented to anyone. When an X509 certificate is presented to someone, .NET of course strips out the private key. Having the private key property on the certificate object is a bit of a misrepresentation, especially since, as we'll see, there's a big difference in how the public and private key are dealt with.
http://paulstovell.com/blog/x509certificate2

May be better to use openssl
•Private key: openssl pkcs12 -in yourP12File.pfx -nocerts -out privateKey.pem

•Certificates: openssl pkcs12 -in yourP12File.pfx -clcerts -nokeys -out publicCert.pem
http://anuchandy.blogspot.sg/2012/04/extracting-public-certificate-and.html
0
 
LVL 2

Author Closing Comment

by:itnifl
ID: 41855471
Find it weird that OpenSSL can do it, but not .Net.
What you tell me is the same as what I found.
0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ever wonder what it's like to get hit by ransomware? "Tom" gives you all the dirty details first-hand – and conveys the hard lessons his company learned in the aftermath.
If you're a modern-day technology professional, you may be wondering if certifications are really necessary. They are. Here's why.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question