我试图找出是否有办法有一个.NET客户端使用客户端证书，而不涉及的Windows密钥库以任何方式。

I'm trying to figure out if there is any way to have a .NET client use a client certificate without involving the Windows keystore in any way.

我有这样的code片断：

I have a code snippet like this:

test1.Service s = new test1.Service();
X509Certificate c = X509Certificate.CreateFromCertFile(@"C:\test.pem");
s.ClientCertificates.Add(c);
int result = s.TestMethod();

不过，这仅适用于如果我也有在test.pem中引用的证书安​​装在我的证书存储区。我想这是因为关键是必要的谈判。如果我没有证书/键在店里，证书不与请求一起发送。

However, this only works if I also have the certificate referenced in "test.pem" installed in my certificate store. I assume this is because the key is necessary for the negotiation. If I don't have the cert/key in the store, the cert is not sent with the request.

我想要做的是能够从一个或多个文件同时提供的证书和私钥，不涉及任何Windows证书存储区。

What I want to do is be able to provide both the certificate and private key from a file or files and not involve the Windows certificate store in any way.

有没有办法做到这一点？

Is there any way to do this?

推荐答案

我要发布一个答案，我自己的职位，但会离开它打开，看看是否其他人可以解决这个问题不同的。

I'm going to post an answer to my own post, but will leave it open to see if others can solve it different.

基本上，我撑船。如果你有一个PKCS12文件（密钥和证书的话），你可以使用X509Certificate2类加载该文件，并使用它，它也不会询问密钥存储。

Basically, I'm punting. If you have a PKCS12 file (with both key and cert in it) you can use the X509Certificate2 class to load that file and use it, and it won't interrogate the keystore.

我无法找到一个方法来平PEM密钥和证书文件（如你需要使用Python的东西，例如）。

I could not find a way to do this with flat PEM key and cert files (like what you'd need with Python, for example).