CertificateRequest.CreateSigningRequest Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Overloads
| CreateSigningRequest() |
Creates an ASN.1 DER-encoded PKCS#10 CertificationRequest value representing the state of the current object. |
| CreateSigningRequest(X509SignatureGenerator) |
Creates an ASN.1 DER-encoded PKCS#10 CertificationRequest representing the current state of the current object using the provided signature generator. |
CreateSigningRequest()
- Source:
- CertificateRequest.cs
- Source:
- CertificateRequest.cs
- Source:
- CertificateRequest.cs
Creates an ASN.1 DER-encoded PKCS#10 CertificationRequest value representing the state of the current object.
public:
cli::array <System::Byte> ^ CreateSigningRequest();public byte[] CreateSigningRequest ();member this.CreateSigningRequest : unit -> byte[]Public Function CreateSigningRequest () As Byte()Returns
A DER-encoded certificate signing request.
Exceptions
The current object was created using a constructor that doesn't accept a signing key.
The HashAlgorithm property value is not supported.
A cryptographic error occurs while creating the signing request.
Remarks
This method does not support using MD5 or SHA-1 as the hash algorithm for the signing request signature. If you need an MD5 or SHA-1 based signing request, you need to implement a custom X509SignatureGenerator and call CreateSigningRequest(X509SignatureGenerator).
When submitting a certificate signing request via a web browser, or other graphical or textual
interface, the input is frequently expected to be in the Privacy Enhanced Mail (PEM) format,
instead of the DER binary format. To convert the return value to PEM format, make a string
consisting of -----BEGIN CERTIFICATE REQUEST-----, a newline, the Base-64-encoded
representation of the request (by convention, linewrapped at 64 characters), a newline,
and -----END CERTIFICATE REQUEST-----.
public static string PemEncodeSigningRequest(CertificateRequest request, PkcsSignatureGenerator generator)
{
byte[] pkcs10 = request.CreateSigningRequest(generator);
StringBuilder builder = new StringBuilder();
builder.AppendLine("-----BEGIN CERTIFICATE REQUEST-----");
string base64 = Convert.ToBase64String(pkcs10);
int offset = 0;
const int LineLength = 64;
while (offset < base64.Length)
{
int lineEnd = Math.Min(offset + LineLength, base64.Length);
builder.AppendLine(base64.Substring(offset, lineEnd - offset));
offset = lineEnd;
}
builder.AppendLine("-----END CERTIFICATE REQUEST-----");
return builder.ToString();
}
Applies to
CreateSigningRequest(X509SignatureGenerator)
- Source:
- CertificateRequest.cs
- Source:
- CertificateRequest.cs
- Source:
- CertificateRequest.cs
Creates an ASN.1 DER-encoded PKCS#10 CertificationRequest representing the current state of the current object using the provided signature generator.
public:
cli::array <System::Byte> ^ CreateSigningRequest(System::Security::Cryptography::X509Certificates::X509SignatureGenerator ^ signatureGenerator);public byte[] CreateSigningRequest (System.Security.Cryptography.X509Certificates.X509SignatureGenerator signatureGenerator);member this.CreateSigningRequest : System.Security.Cryptography.X509Certificates.X509SignatureGenerator -> byte[]Public Function CreateSigningRequest (signatureGenerator As X509SignatureGenerator) As Byte()Parameters
- signatureGenerator
- X509SignatureGenerator
The signature generator with which to sign the request.
Returns
A DER-encoded certificate signing request.
Exceptions
signatureGenerator is null.
A cryptographic error occurs while creating the signing request.
OtherRequestAttributes contains a null value.
-or-
OtherRequestAttributes contains an entry with a nullOid value.
-or-
OtherRequestAttributes contains an entry representing the PKCS#9 Extension Request Attribute (1.2.840.113549.1.9.14).
-or-
CertificateExtensions contains a null value.
-or-
CertificateExtensions contains an entry with a nullOid value.
-or-
This object was created with a constructor that did not accept a signing key.
Remarks
When submitting a certificate signing request via a web browser or other graphical or textual interface, the input is frequently expected to be in the PEM (Privacy Enhanced Mail) format, instead of the DER binary format.
