我正在尝试使用BouncyCastle.Crypto dll创建证书,然后使用该证书将SslStream作为Windows服务进程中的服务器进行身份验证,该服务在本地系统帐户下运行.
然而,当我到达SslStream.AuthenticateAsServer(证书)调用,它抛出以"提供给包中的凭据无法识别"错误消息的Win32异常.
这里有关于此错误消息的几个问题,但它们似乎都没有描述或解决我的特定问题.
希望有人能够提供一些帮助,我包含我用来创建和安装证书的代码:
// First create a certificate using the BouncyCastle classes
BigInteger serialNumber = BigInteger.ProbablePrime(120, new Random());
AsymmetricCipherKeyPair keyPair = GenerateKeyPair();
X509V1CertificateGenerator generator = new X509V1CertificateGenerator();
generator.SetSerialNumber(serialNumber);
generator.SetIssuerDN(new X509Name("CN=My Issuer"));
generator.SetNotBefore(DateTime.Today);
generator.SetNotAfter(DateTime.Today.AddYears(100));
generator.SetSubjectDN(new X509Name("CN=My Issuer"));
generator.SetPublicKey(keyPair.Public);
generator.SetSignatureAlgorithm("SHA1WITHRSA");
Org.BouncyCastle.X509.X509Certificate cert = generator.Generate(
keyPair.Private, SecureRandom.GetInstance("SHA1PRNG"));
// Ok, now we have a BouncyCastle certificate, we need to convert it to the
// System.Security.Cryptography class, by writing it out to disk and reloading
X509Certificate2 dotNetCert;
string tempStorePassword = "Password01"; // In …