C# - 每次重新颁发 SSL 证书时都需要更改应用程序中的序列号
C# - every time SSL cert is reissued it requires to change serial number in application
我正在使用以下代码在 C# web API 中配置 SSL 证书。问题是我正在使用序列号查找 SSL 证书,每次 Infra 重新颁发 SSL 证书时,我都必须更新应用程序配置中的证书序列号。是否有任何证书 属性 在重新发布后保持不变?
X509Store store = new X509Store(StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadOnly);
X509Certificate2Collection certificates = store.Certificates.Find(
X509FindType.FindBySerialNumber,
sslCertificateSerialNumber,
false);
'sslCertificateSerialNumber' 来自配置文件
你可以使用 findBySubjectName 它更有用。如果你有多个主题,你可以这样做:
X509Store store = new X509Store(StoreName.TrustedPeople, StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
X509Certificate2Collection collection = (X509Certificate2Collection)store.Certificates;
foreach (X509Certificate2 x509 in collection)
{
if (x509.Thumbprint == "5550541D10488D148BCAC0D289DED441609849FF")
{
client.ClientCredentials.ClientCertificate.SetCertificate(
x509.SubjectName.Name, store.Location, StoreName.TrustedPeople);
}
}
我正在使用以下代码在 C# web API 中配置 SSL 证书。问题是我正在使用序列号查找 SSL 证书,每次 Infra 重新颁发 SSL 证书时,我都必须更新应用程序配置中的证书序列号。是否有任何证书 属性 在重新发布后保持不变?
X509Store store = new X509Store(StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadOnly);
X509Certificate2Collection certificates = store.Certificates.Find(
X509FindType.FindBySerialNumber,
sslCertificateSerialNumber,
false);
'sslCertificateSerialNumber' 来自配置文件
你可以使用 findBySubjectName 它更有用。如果你有多个主题,你可以这样做:
X509Store store = new X509Store(StoreName.TrustedPeople, StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
X509Certificate2Collection collection = (X509Certificate2Collection)store.Certificates;
foreach (X509Certificate2 x509 in collection)
{
if (x509.Thumbprint == "5550541D10488D148BCAC0D289DED441609849FF")
{
client.ClientCredentials.ClientCertificate.SetCertificate(
x509.SubjectName.Name, store.Location, StoreName.TrustedPeople);
}
}