Managing HTTPS server certificates from inside a program?

Question

I want to perform the following actions from inside .NET code:

1. Create a self-signed certificate into the store, obtain its thumbprint;
2. Import an existing certificate file into the store. Likewise, obtain thumbprint;
3. Configure an HTTPS port for using this certificate, as per "netsh http add sslcert". I could simply run this console command from inside my program, but it'd be nice if there was a better way.

By the way, item #3 is the reason I need the thumbprints in items #1 and #2. Is this possible?

Answer 1

Have a look at the System.Security.Cryptography.X509Certificates namespace.

Notably, the X509Store class will do at least one of the things you're referring to: Importing an existing certificate into the store. e.g.

X509Store store = new X509Store(StoreName.Root, StoreLocation.LocalMachine);
try
{
 store.Open(OpenFlags.ReadWrite);
 store.Add(
     new X509Certificate2(@"Certificates\MyCertificate.pfx", "password"));
}
finally
{
 store.Close();
}

---

See also:

• Microsoft KB 950090 - Installing a PFX file using X509Certificate from a standard .NET application

---

On one of your other parts, creating a certificate, I found this: makecert.cs: makecert clone tool ... if you're not going to call out to a console tool like makecert.exe, you'll likely end up implementing something similar to that.