X509Certificate Constructors

Definition

Initializes a new instance of the X509Certificate class.

Overloads

X509Certificate()
Obsolete.

Initializes a new instance of the X509Certificate class.

X509Certificate(Byte[])

Initializes a new instance of the X509Certificate class defined from a sequence of bytes representing an X.509v3 certificate.

X509Certificate(IntPtr)

Initializes a new instance of the X509Certificate class using a handle to an unmanaged PCCERT_CONTEXT structure.

X509Certificate(X509Certificate)

Initializes a new instance of the X509Certificate class using another X509Certificate class.

X509Certificate(String)

Initializes a new instance of the X509Certificate class using the name of a PKCS7 signed file.

X509Certificate(Byte[], SecureString)

Initializes a new instance of the X509Certificate class using a byte array and a password.

X509Certificate(Byte[], String)

Initializes a new instance of the X509Certificate class using a byte array and a password.

X509Certificate(SerializationInfo, StreamingContext)
Obsolete.

Initializes a new instance of the X509Certificate class using a SerializationInfo object and a StreamingContext structure.

X509Certificate(String, SecureString)

Initializes a new instance of the X509Certificate class using a certificate file name and a password.

X509Certificate(String, String)

Initializes a new instance of the X509Certificate class using the name of a PKCS7 signed file and a password to access the certificate.

X509Certificate(Byte[], SecureString, X509KeyStorageFlags)

Initializes a new instance of the X509Certificate class using a byte array, a password, and a key storage flag.

X509Certificate(Byte[], String, X509KeyStorageFlags)

Initializes a new instance of the X509Certificate class using a byte array, a password, and a key storage flag.

X509Certificate(String, SecureString, X509KeyStorageFlags)

Initializes a new instance of the X509Certificate class using a certificate file name, a password, and a key storage flag.

X509Certificate(String, String, X509KeyStorageFlags)

Initializes a new instance of the X509Certificate class using the name of a PKCS7 signed file, a password to access the certificate, and a key storage flag.

X509Certificate()

Caution

X509Certificate and X509Certificate2 are immutable. Use the appropriate constructor to create a new certificate.

Initializes a new instance of the X509Certificate class.

public:
 X509Certificate();
public X509Certificate ();
[System.Obsolete("X509Certificate and X509Certificate2 are immutable. Use the appropriate constructor to create a new certificate.", DiagnosticId="SYSLIB0026", UrlFormat="https://aka.ms/dotnet-warnings/{0}")]
public X509Certificate ();
[System.Obsolete("X509Certificate and X509Certificate2 are immutable. Use the appropriate constructor to create a new certificate.", DiagnosticId="SYSLIB0026", UrlFormat="https://aka.ms/dotnet-warnings/{0}")]
[System.Runtime.Versioning.UnsupportedOSPlatform("browser")]
public X509Certificate ();
Public Sub New ()
Attributes

Remarks

ASN.1 DER is the only certificate format supported by this class.

Applies to

X509Certificate(Byte[])

Initializes a new instance of the X509Certificate class defined from a sequence of bytes representing an X.509v3 certificate.

public:
 X509Certificate(cli::array <System::Byte> ^ data);
public X509Certificate (byte[] data);
[System.Runtime.Versioning.UnsupportedOSPlatform("browser")]
public X509Certificate (byte[] data);
new System.Security.Cryptography.X509Certificates.X509Certificate : byte[] -> System.Security.Cryptography.X509Certificates.X509Certificate
[<System.Runtime.Versioning.UnsupportedOSPlatform("browser")>]
new System.Security.Cryptography.X509Certificates.X509Certificate : byte[] -> System.Security.Cryptography.X509Certificates.X509Certificate
Public Sub New (data As Byte())

Parameters

data
Byte[]

A byte array containing data from an X.509 certificate.

Attributes

Exceptions

An error with the certificate occurs. For example:

  • The certificate file does not exist.

  • The certificate is invalid.

  • The certificate's password is incorrect.

The rawData parameter is null.

-or-

The length of the rawData parameter is 0.

Examples

The following example loads an X.509 certificate file into an X509Certificate object, exports the certificate as a byte array, and then imports the byte array into another X509Certificate object.

using namespace System;
using namespace System::Security::Cryptography::X509Certificates;
int main()
{
   
   // The path to the certificate.
   String^ Certificate = L"test.pfx";
   
   // Load the certificate into an X509Certificate object.
   X509Certificate^ cert = gcnew X509Certificate( Certificate );
   array<Byte>^certData = cert->Export( X509ContentType::Cert );
   X509Certificate^ newCert = gcnew X509Certificate( certData );
   
   // Get the value.
   String^ resultsTrue = newCert->ToString( true );
   
   // Display the value to the console.
   Console::WriteLine( resultsTrue );
   
   // Get the value.
   String^ resultsFalse = newCert->ToString( false );
   
   // Display the value to the console.
   Console::WriteLine( resultsFalse );
}
using System;
using System.Security.Cryptography.X509Certificates;

public class X509
{

    public static void Main()
    {

        // The path to the certificate.
        string Certificate = "test.pfx";

        // Load the certificate into an X509Certificate object.
        X509Certificate cert = new X509Certificate(Certificate);

        byte[] certData = cert.Export(X509ContentType.Cert);

        X509Certificate newCert = new X509Certificate(certData);

        // Get the value.
        string resultsTrue = newCert.ToString(true);

        // Display the value to the console.
        Console.WriteLine(resultsTrue);

        // Get the value.
        string resultsFalse = newCert.ToString(false);

        // Display the value to the console.
        Console.WriteLine(resultsFalse);
    }
}
Imports System.Security.Cryptography.X509Certificates


Module X509

    Sub Main()

        ' The path to the certificate.
        Dim Certificate As String = "test.pfx"

        ' Load the certificate into an X509Certificate object.
        Dim cert As New X509Certificate(Certificate)


        Dim certData As Byte() = cert.Export(X509ContentType.Cert)

        Dim newCert As New X509Certificate(certData)

        ' Get the value.
        Dim resultsTrue As String = newCert.ToString(True)

        ' Display the value to the console.
        Console.WriteLine(resultsTrue)

        ' Get the value.
        Dim resultsFalse As String = newCert.ToString(False)

        ' Display the value to the console.
        Console.WriteLine(resultsFalse)

    End Sub
End Module

Remarks

ASN.1 DER is the only certificate format supported by this class.

If you create an X509Certificate certificate by specifying a PKCS7 signed file store for data, the X509Certificate is created for the certificate that signed the store rather than for any of the certificates within the store.

Applies to

X509Certificate(IntPtr)

Initializes a new instance of the X509Certificate class using a handle to an unmanaged PCCERT_CONTEXT structure.

public:
 X509Certificate(IntPtr handle);
public X509Certificate (IntPtr handle);
[System.Runtime.Versioning.UnsupportedOSPlatform("browser")]
public X509Certificate (IntPtr handle);
[System.Security.SecurityCritical]
public X509Certificate (IntPtr handle);
new System.Security.Cryptography.X509Certificates.X509Certificate : nativeint -> System.Security.Cryptography.X509Certificates.X509Certificate
[<System.Runtime.Versioning.UnsupportedOSPlatform("browser")>]
new System.Security.Cryptography.X509Certificates.X509Certificate : nativeint -> System.Security.Cryptography.X509Certificates.X509Certificate
[<System.Security.SecurityCritical>]
new System.Security.Cryptography.X509Certificates.X509Certificate : nativeint -> System.Security.Cryptography.X509Certificates.X509Certificate
Public Sub New (handle As IntPtr)

Parameters

handle
IntPtr

nativeint

A handle to an unmanaged PCCERT_CONTEXT structure.

Attributes

Exceptions

An error with the certificate occurs. For example:

  • The certificate file does not exist.

  • The certificate is invalid.

  • The certificate's password is incorrect.

The handle parameter does not represent a valid PCCERT_CONTEXT structure.

Remarks

This constructor creates a new X509Certificate object using a handle for the Microsoft Cryptographic API certificate context, PCCERT_CONTEXT.

Important

This constructor creates a copy of the certificate context. Do not assume that the context structure you passed to the constructor is valid; it may have been released. You can get a copy of the current PCCERT_CONTEXT structure from the Handle property, but it is valid only during the lifetime of the X509Certificate object.

Applies to

X509Certificate(X509Certificate)

Initializes a new instance of the X509Certificate class using another X509Certificate class.

public:
 X509Certificate(System::Security::Cryptography::X509Certificates::X509Certificate ^ cert);
public X509Certificate (System.Security.Cryptography.X509Certificates.X509Certificate cert);
[System.Runtime.Versioning.UnsupportedOSPlatform("browser")]
public X509Certificate (System.Security.Cryptography.X509Certificates.X509Certificate cert);
new System.Security.Cryptography.X509Certificates.X509Certificate : System.Security.Cryptography.X509Certificates.X509Certificate -> System.Security.Cryptography.X509Certificates.X509Certificate
[<System.Runtime.Versioning.UnsupportedOSPlatform("browser")>]
new System.Security.Cryptography.X509Certificates.X509Certificate : System.Security.Cryptography.X509Certificates.X509Certificate -> System.Security.Cryptography.X509Certificates.X509Certificate
Public Sub New (cert As X509Certificate)

Parameters

cert
X509Certificate

A X509Certificate class from which to initialize this class.

Attributes

Exceptions

An error with the certificate occurs. For example:

  • The certificate file does not exist.

  • The certificate is invalid.

  • The certificate's password is incorrect.

The value of the cert parameter is null.

Remarks

ASN.1 DER is the only certificate format supported by this class.

Applies to

X509Certificate(String)

Initializes a new instance of the X509Certificate class using the name of a PKCS7 signed file.

public:
 X509Certificate(System::String ^ fileName);
public X509Certificate (string fileName);
[System.Runtime.Versioning.UnsupportedOSPlatform("browser")]
public X509Certificate (string fileName);
new System.Security.Cryptography.X509Certificates.X509Certificate : string -> System.Security.Cryptography.X509Certificates.X509Certificate
[<System.Runtime.Versioning.UnsupportedOSPlatform("browser")>]
new System.Security.Cryptography.X509Certificates.X509Certificate : string -> System.Security.Cryptography.X509Certificates.X509Certificate
Public Sub New (fileName As String)

Parameters

fileName
String

The name of a PKCS7 signed file.

Attributes

Exceptions

An error with the certificate occurs. For example:

  • The certificate file does not exist.

  • The certificate is invalid.

  • The certificate's password is incorrect.

The fileName parameter is null.

Examples

The following example loads an X.509 certificate from a file, calls the ToString method, and displays the results to the console.

using namespace System;
using namespace System::Security::Cryptography::X509Certificates;
int main()
{
   
   // The path to the certificate.
   String^ Certificate = L"Certificate.cer";
   
   // Load the certificate into an X509Certificate object.
   X509Certificate^ cert = gcnew X509Certificate( Certificate );
   
   // Get the value.
   String^ resultsTrue = cert->ToString( true );
   
   // Display the value to the console.
   Console::WriteLine( resultsTrue );
   
   // Get the value.
   String^ resultsFalse = cert->ToString( false );
   
   // Display the value to the console.
   Console::WriteLine( resultsFalse );
}
using System;
using System.Security.Cryptography.X509Certificates;

public class X509
{

    public static void Main()
    {

        // The path to the certificate.
        string Certificate = "Certificate.cer";

        // Load the certificate into an X509Certificate object.
        X509Certificate cert = new X509Certificate(Certificate);

        // Get the value.
        string resultsTrue = cert.ToString(true);

        // Display the value to the console.
        Console.WriteLine(resultsTrue);

        // Get the value.
        string resultsFalse = cert.ToString(false);

        // Display the value to the console.
        Console.WriteLine(resultsFalse);
    }
}
Imports System.Security.Cryptography.X509Certificates

Module X509

    Sub Main()

        ' The path to the certificate.
        Dim Certificate As String = "Certificate.cer"

        ' Load the certificate into an X509Certificate object.
        Dim cert As New X509Certificate(Certificate)

        ' Get the value.
        Dim resultsTrue As String = cert.ToString(True)

        ' Display the value to the console.
        Console.WriteLine(resultsTrue)

        ' Get the value.
        Dim resultsFalse As String = cert.ToString(False)

        ' Display the value to the console.
        Console.WriteLine(resultsFalse)

    End Sub
End Module

Remarks

ASN.1 DER is the only certificate format supported by this class.

If you create an X509Certificate certificate by specifying a PKCS7 signed file store for fileName, the X509Certificate is created for the certificate that signed the store rather than for any of the certificates within the store.

Applies to

X509Certificate(Byte[], SecureString)

Important

This API is not CLS-compliant.

Initializes a new instance of the X509Certificate class using a byte array and a password.

public:
 X509Certificate(cli::array <System::Byte> ^ rawData, System::Security::SecureString ^ password);
[System.CLSCompliant(false)]
public X509Certificate (byte[] rawData, System.Security.SecureString? password);
[System.CLSCompliant(false)]
[System.Runtime.Versioning.UnsupportedOSPlatform("browser")]
public X509Certificate (byte[] rawData, System.Security.SecureString? password);
[System.CLSCompliant(false)]
public X509Certificate (byte[] rawData, System.Security.SecureString password);
public X509Certificate (byte[] rawData, System.Security.SecureString password);
[<System.CLSCompliant(false)>]
new System.Security.Cryptography.X509Certificates.X509Certificate : byte[] * System.Security.SecureString -> System.Security.Cryptography.X509Certificates.X509Certificate
[<System.CLSCompliant(false)>]
[<System.Runtime.Versioning.UnsupportedOSPlatform("browser")>]
new System.Security.Cryptography.X509Certificates.X509Certificate : byte[] * System.Security.SecureString -> System.Security.Cryptography.X509Certificates.X509Certificate
new System.Security.Cryptography.X509Certificates.X509Certificate : byte[] * System.Security.SecureString -> System.Security.Cryptography.X509Certificates.X509Certificate
Public Sub New (rawData As Byte(), password As SecureString)

Parameters

rawData
Byte[]

A byte array that contains data from an X.509 certificate.

password
SecureString

The password required to access the X.509 certificate data.

Attributes

Exceptions

An error with the certificate occurs. For example:

  • The certificate file does not exist.

  • The certificate is invalid.

  • The certificate's password is incorrect.

The rawData parameter is null.

-or-

The length of the rawData parameter is 0.

Remarks

ASN.1 DER is the only certificate format supported by this class.

Important

Never hard code a password within your source code. Hard-coded passwords can be retrieved from an assembly using the Ildasm.exe (IL Disassembler), a hex editor, or by simply opening the assembly in a text editor such as Notepad.exe.

If you create an X509Certificate certificate by specifying a PKCS7 signed file store for rawData, the X509Certificate is created for the certificate that signed the store rather than for any of the certificates within the store.

Applies to

X509Certificate(Byte[], String)

Initializes a new instance of the X509Certificate class using a byte array and a password.

public:
 X509Certificate(cli::array <System::Byte> ^ rawData, System::String ^ password);
public X509Certificate (byte[] rawData, string? password);
[System.Runtime.Versioning.UnsupportedOSPlatform("browser")]
public X509Certificate (byte[] rawData, string? password);
public X509Certificate (byte[] rawData, string password);
new System.Security.Cryptography.X509Certificates.X509Certificate : byte[] * string -> System.Security.Cryptography.X509Certificates.X509Certificate
[<System.Runtime.Versioning.UnsupportedOSPlatform("browser")>]
new System.Security.Cryptography.X509Certificates.X509Certificate : byte[] * string -> System.Security.Cryptography.X509Certificates.X509Certificate
Public Sub New (rawData As Byte(), password As String)

Parameters

rawData
Byte[]

A byte array containing data from an X.509 certificate.

password
String

The password required to access the X.509 certificate data.

Attributes

Exceptions

An error with the certificate occurs. For example:

  • The certificate file does not exist.

  • The certificate is invalid.

  • The certificate's password is incorrect.

The rawData parameter is null.

-or-

The length of the rawData parameter is 0.

Remarks

ASN.1 DER is the only certificate format supported by this class.

Important

Never hard code a password within your source code. Hard-coded passwords can be retrieved from an assembly using the Ildasm.exe (IL Disassembler), a hex editor, or by simply opening the assembly in a text editor such as Notepad.exe.

If you create an X509Certificate certificate by specifying a PKCS7 signed file store for rawData, the X509Certificate is created for the certificate that signed the store rather than for any of the certificates within the store.

Applies to

X509Certificate(SerializationInfo, StreamingContext)

Caution

This API supports obsolete formatter-based serialization. It should not be called or extended by application code.

Initializes a new instance of the X509Certificate class using a SerializationInfo object and a StreamingContext structure.

public:
 X509Certificate(System::Runtime::Serialization::SerializationInfo ^ info, System::Runtime::Serialization::StreamingContext context);
public X509Certificate (System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context);
[System.Obsolete("This API supports obsolete formatter-based serialization. It should not be called or extended by application code.", DiagnosticId="SYSLIB0051", UrlFormat="https://aka.ms/dotnet-warnings/{0}")]
public X509Certificate (System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context);
new System.Security.Cryptography.X509Certificates.X509Certificate : System.Runtime.Serialization.SerializationInfo * System.Runtime.Serialization.StreamingContext -> System.Security.Cryptography.X509Certificates.X509Certificate
[<System.Obsolete("This API supports obsolete formatter-based serialization. It should not be called or extended by application code.", DiagnosticId="SYSLIB0051", UrlFormat="https://aka.ms/dotnet-warnings/{0}")>]
new System.Security.Cryptography.X509Certificates.X509Certificate : System.Runtime.Serialization.SerializationInfo * System.Runtime.Serialization.StreamingContext -> System.Security.Cryptography.X509Certificates.X509Certificate
Public Sub New (info As SerializationInfo, context As StreamingContext)

Parameters

info
SerializationInfo

A SerializationInfo object that describes serialization information.

context
StreamingContext

A StreamingContext structure that describes how serialization should be performed.

Attributes

Exceptions

An error with the certificate occurs. For example:

  • The certificate file does not exist.

  • The certificate is invalid.

  • The certificate's password is incorrect.

Applies to

X509Certificate(String, SecureString)

Important

This API is not CLS-compliant.

Initializes a new instance of the X509Certificate class using a certificate file name and a password.

public:
 X509Certificate(System::String ^ fileName, System::Security::SecureString ^ password);
[System.CLSCompliant(false)]
public X509Certificate (string fileName, System.Security.SecureString? password);
[System.CLSCompliant(false)]
[System.Runtime.Versioning.UnsupportedOSPlatform("browser")]
public X509Certificate (string fileName, System.Security.SecureString? password);
[System.CLSCompliant(false)]
public X509Certificate (string fileName, System.Security.SecureString password);
public X509Certificate (string fileName, System.Security.SecureString password);
[<System.CLSCompliant(false)>]
new System.Security.Cryptography.X509Certificates.X509Certificate : string * System.Security.SecureString -> System.Security.Cryptography.X509Certificates.X509Certificate
[<System.CLSCompliant(false)>]
[<System.Runtime.Versioning.UnsupportedOSPlatform("browser")>]
new System.Security.Cryptography.X509Certificates.X509Certificate : string * System.Security.SecureString -> System.Security.Cryptography.X509Certificates.X509Certificate
new System.Security.Cryptography.X509Certificates.X509Certificate : string * System.Security.SecureString -> System.Security.Cryptography.X509Certificates.X509Certificate
Public Sub New (fileName As String, password As SecureString)

Parameters

fileName
String

The name of a certificate file.

password
SecureString

The password required to access the X.509 certificate data.

Attributes

Exceptions

An error with the certificate occurs. For example:

  • The certificate file does not exist.

  • The certificate is invalid.

  • The certificate's password is incorrect.

The fileName parameter is null.

Remarks

ASN.1 DER is the only certificate format supported by this class. Calling this constructor with the correct password decrypts the private key and saves it to a key container.

Important

Never hard code a password within your source code. Hard-coded passwords can be retrieved from an assembly using the Ildasm.exe (IL Disassembler), a hex editor, or by simply opening the assembly in a text editor such as Notepad.exe.

If you create an X509Certificate certificate by specifying a PKCS7 signed file store for fileName, the X509Certificate is created for the certificate that signed the store rather than for any of the certificates within the store.

Applies to

X509Certificate(String, String)

Initializes a new instance of the X509Certificate class using the name of a PKCS7 signed file and a password to access the certificate.

public:
 X509Certificate(System::String ^ fileName, System::String ^ password);
public X509Certificate (string fileName, string? password);
[System.Runtime.Versioning.UnsupportedOSPlatform("browser")]
public X509Certificate (string fileName, string? password);
public X509Certificate (string fileName, string password);
new System.Security.Cryptography.X509Certificates.X509Certificate : string * string -> System.Security.Cryptography.X509Certificates.X509Certificate
[<System.Runtime.Versioning.UnsupportedOSPlatform("browser")>]
new System.Security.Cryptography.X509Certificates.X509Certificate : string * string -> System.Security.Cryptography.X509Certificates.X509Certificate
Public Sub New (fileName As String, password As String)

Parameters

fileName
String

The name of a PKCS7 signed file.

password
String

The password required to access the X.509 certificate data.

Attributes

Exceptions

An error with the certificate occurs. For example:

  • The certificate file does not exist.

  • The certificate is invalid.

  • The certificate's password is incorrect.

The fileName parameter is null.

Remarks

ASN.1 DER is the only certificate format supported by this class. Calling this constructor with the correct password decrypts the private key and saves it to a key container.

If you create an X509Certificate certificate by specifying a PKCS7 signed file store for fileName, the X509Certificate is created for the certificate that signed the store rather than for any of the certificates within the store.

Applies to

X509Certificate(Byte[], SecureString, X509KeyStorageFlags)

Important

This API is not CLS-compliant.

Initializes a new instance of the X509Certificate class using a byte array, a password, and a key storage flag.

public:
 X509Certificate(cli::array <System::Byte> ^ rawData, System::Security::SecureString ^ password, System::Security::Cryptography::X509Certificates::X509KeyStorageFlags keyStorageFlags);
[System.CLSCompliant(false)]
public X509Certificate (byte[] rawData, System.Security.SecureString? password, System.Security.Cryptography.X509Certificates.X509KeyStorageFlags keyStorageFlags);
[System.CLSCompliant(false)]
[System.Runtime.Versioning.UnsupportedOSPlatform("browser")]
public X509Certificate (byte[] rawData, System.Security.SecureString? password, System.Security.Cryptography.X509Certificates.X509KeyStorageFlags keyStorageFlags);
[System.CLSCompliant(false)]
public X509Certificate (byte[] rawData, System.Security.SecureString password, System.Security.Cryptography.X509Certificates.X509KeyStorageFlags keyStorageFlags);
public X509Certificate (byte[] rawData, System.Security.SecureString password, System.Security.Cryptography.X509Certificates.X509KeyStorageFlags keyStorageFlags);
[<System.CLSCompliant(false)>]
new System.Security.Cryptography.X509Certificates.X509Certificate : byte[] * System.Security.SecureString * System.Security.Cryptography.X509Certificates.X509KeyStorageFlags -> System.Security.Cryptography.X509Certificates.X509Certificate
[<System.CLSCompliant(false)>]
[<System.Runtime.Versioning.UnsupportedOSPlatform("browser")>]
new System.Security.Cryptography.X509Certificates.X509Certificate : byte[] * System.Security.SecureString * System.Security.Cryptography.X509Certificates.X509KeyStorageFlags -> System.Security.Cryptography.X509Certificates.X509Certificate
new System.Security.Cryptography.X509Certificates.X509Certificate : byte[] * System.Security.SecureString * System.Security.Cryptography.X509Certificates.X509KeyStorageFlags -> System.Security.Cryptography.X509Certificates.X509Certificate
Public Sub New (rawData As Byte(), password As SecureString, keyStorageFlags As X509KeyStorageFlags)

Parameters

rawData
Byte[]

A byte array that contains data from an X.509 certificate.

password
SecureString

The password required to access the X.509 certificate data.

keyStorageFlags
X509KeyStorageFlags

A bitwise combination of the enumeration values that control where and how to import the certificate.

Attributes

Exceptions

An error with the certificate occurs. For example:

  • The certificate file does not exist.

  • The certificate is invalid.

  • The certificate's password is incorrect.

The rawData parameter is null.

-or-

The length of the rawData parameter is 0.

Remarks

Calling this constructor with the correct password decrypts the private key and saves it to a Microsoft Cryptographic API Cryptographic Service Provider (CSP).

ASN.1 DER is the only certificate format supported by this class.

Important

Never hard code a password within your source code. Hard-coded passwords can be retrieved from an assembly using the Ildasm.exe (IL Disassembler), a hex editor, or by simply opening the assembly in a text editor such as Notepad.exe.

If you create an X509Certificate certificate by specifying a PKCS7 signed file store for rawData, the X509Certificate is created for the certificate that signed the store rather than for any of the certificates within the store.

Applies to

X509Certificate(Byte[], String, X509KeyStorageFlags)

Initializes a new instance of the X509Certificate class using a byte array, a password, and a key storage flag.

public:
 X509Certificate(cli::array <System::Byte> ^ rawData, System::String ^ password, System::Security::Cryptography::X509Certificates::X509KeyStorageFlags keyStorageFlags);
public X509Certificate (byte[] rawData, string? password, System.Security.Cryptography.X509Certificates.X509KeyStorageFlags keyStorageFlags);
[System.Runtime.Versioning.UnsupportedOSPlatform("browser")]
public X509Certificate (byte[] rawData, string? password, System.Security.Cryptography.X509Certificates.X509KeyStorageFlags keyStorageFlags);
public X509Certificate (byte[] rawData, string password, System.Security.Cryptography.X509Certificates.X509KeyStorageFlags keyStorageFlags);
new System.Security.Cryptography.X509Certificates.X509Certificate : byte[] * string * System.Security.Cryptography.X509Certificates.X509KeyStorageFlags -> System.Security.Cryptography.X509Certificates.X509Certificate
[<System.Runtime.Versioning.UnsupportedOSPlatform("browser")>]
new System.Security.Cryptography.X509Certificates.X509Certificate : byte[] * string * System.Security.Cryptography.X509Certificates.X509KeyStorageFlags -> System.Security.Cryptography.X509Certificates.X509Certificate
Public Sub New (rawData As Byte(), password As String, keyStorageFlags As X509KeyStorageFlags)

Parameters

rawData
Byte[]

A byte array containing data from an X.509 certificate.

password
String

The password required to access the X.509 certificate data.

keyStorageFlags
X509KeyStorageFlags

A bitwise combination of the enumeration values that control where and how to import the certificate.

Attributes

Exceptions

An error with the certificate occurs. For example:

  • The certificate file does not exist.

  • The certificate is invalid.

  • The certificate's password is incorrect.

The rawData parameter is null.

-or-

The length of the rawData parameter is 0.

Remarks

This constructor creates a new X509Certificate object using a byte array, a password that is needed to access the certificate data, and a key storage flag. Calling this constructor with the correct password decrypts the private key and saves it to a Microsoft Cryptographic API Cryptographic Service Provider (CSP).

The X509KeyStorageFlags value can be used to control where and how the private key is imported.

ASN.1 DER is the only certificate format supported by this class.

Important

Never hard code a password within your source code. Hard-coded passwords can be retrieved from an assembly using the Ildasm.exe (IL Disassembler), a hex editor, or by simply opening the assembly in a text editor such as Notepad.exe.

If you create an X509Certificate certificate by specifying a PKCS7 signed file store for rawData, the X509Certificate is created for the certificate that signed the store rather than for any of the certificates within the store.

Applies to

X509Certificate(String, SecureString, X509KeyStorageFlags)

Important

This API is not CLS-compliant.

Initializes a new instance of the X509Certificate class using a certificate file name, a password, and a key storage flag.

public:
 X509Certificate(System::String ^ fileName, System::Security::SecureString ^ password, System::Security::Cryptography::X509Certificates::X509KeyStorageFlags keyStorageFlags);
[System.CLSCompliant(false)]
public X509Certificate (string fileName, System.Security.SecureString? password, System.Security.Cryptography.X509Certificates.X509KeyStorageFlags keyStorageFlags);
[System.CLSCompliant(false)]
[System.Runtime.Versioning.UnsupportedOSPlatform("browser")]
public X509Certificate (string fileName, System.Security.SecureString? password, System.Security.Cryptography.X509Certificates.X509KeyStorageFlags keyStorageFlags);
[System.CLSCompliant(false)]
public X509Certificate (string fileName, System.Security.SecureString password, System.Security.Cryptography.X509Certificates.X509KeyStorageFlags keyStorageFlags);
public X509Certificate (string fileName, System.Security.SecureString password, System.Security.Cryptography.X509Certificates.X509KeyStorageFlags keyStorageFlags);
[<System.CLSCompliant(false)>]
new System.Security.Cryptography.X509Certificates.X509Certificate : string * System.Security.SecureString * System.Security.Cryptography.X509Certificates.X509KeyStorageFlags -> System.Security.Cryptography.X509Certificates.X509Certificate
[<System.CLSCompliant(false)>]
[<System.Runtime.Versioning.UnsupportedOSPlatform("browser")>]
new System.Security.Cryptography.X509Certificates.X509Certificate : string * System.Security.SecureString * System.Security.Cryptography.X509Certificates.X509KeyStorageFlags -> System.Security.Cryptography.X509Certificates.X509Certificate
new System.Security.Cryptography.X509Certificates.X509Certificate : string * System.Security.SecureString * System.Security.Cryptography.X509Certificates.X509KeyStorageFlags -> System.Security.Cryptography.X509Certificates.X509Certificate
Public Sub New (fileName As String, password As SecureString, keyStorageFlags As X509KeyStorageFlags)

Parameters

fileName
String

The name of a certificate file.

password
SecureString

The password required to access the X.509 certificate data.

keyStorageFlags
X509KeyStorageFlags

A bitwise combination of the enumeration values that control where and how to import the certificate.

Attributes

Exceptions

An error with the certificate occurs. For example:

  • The certificate file does not exist.

  • The certificate is invalid.

  • The certificate's password is incorrect.

The fileName parameter is null.

Remarks

If you create an X509Certificate certificate by specifying a PKCS7 signed file store for fileName, the X509Certificate is created for the certificate that signed the store rather than for any of the certificates within the store.

Applies to

X509Certificate(String, String, X509KeyStorageFlags)

Initializes a new instance of the X509Certificate class using the name of a PKCS7 signed file, a password to access the certificate, and a key storage flag.

public:
 X509Certificate(System::String ^ fileName, System::String ^ password, System::Security::Cryptography::X509Certificates::X509KeyStorageFlags keyStorageFlags);
public X509Certificate (string fileName, string? password, System.Security.Cryptography.X509Certificates.X509KeyStorageFlags keyStorageFlags);
[System.Runtime.Versioning.UnsupportedOSPlatform("browser")]
public X509Certificate (string fileName, string? password, System.Security.Cryptography.X509Certificates.X509KeyStorageFlags keyStorageFlags);
public X509Certificate (string fileName, string password, System.Security.Cryptography.X509Certificates.X509KeyStorageFlags keyStorageFlags);
new System.Security.Cryptography.X509Certificates.X509Certificate : string * string * System.Security.Cryptography.X509Certificates.X509KeyStorageFlags -> System.Security.Cryptography.X509Certificates.X509Certificate
[<System.Runtime.Versioning.UnsupportedOSPlatform("browser")>]
new System.Security.Cryptography.X509Certificates.X509Certificate : string * string * System.Security.Cryptography.X509Certificates.X509KeyStorageFlags -> System.Security.Cryptography.X509Certificates.X509Certificate
Public Sub New (fileName As String, password As String, keyStorageFlags As X509KeyStorageFlags)

Parameters

fileName
String

The name of a PKCS7 signed file.

password
String

The password required to access the X.509 certificate data.

keyStorageFlags
X509KeyStorageFlags

A bitwise combination of the enumeration values that control where and how to import the certificate.

Attributes

Exceptions

An error with the certificate occurs. For example:

  • The certificate file does not exist.

  • The certificate is invalid.

  • The certificate's password is incorrect.

The fileName parameter is null.

Remarks

If you create an X509Certificate certificate by specifying a PKCS7 signed file store for fileName, the X509Certificate is created for the certificate that signed the store rather than for any of the certificates within the store.

Applies to