Accessing X509Certificates with the .NET standard API

red_userred_user Member

Hello,

I need to work with certificates. We have an existing code base .NET standard compliant and we would like to use it.
I did some tests but i'm encountering some problems;

Our implementation is based around the X509Certificate2 class which is present in the API with associated classes
I can't post link with this new account but the doc is easily found

This compile but problem is on runtime. I try to access the "store" with, for example, this code :

var store = new X509Store(storeName, storeLocation)
store.Open(OpenFlags.ReadOnly);

Here we're just trying to read the certificates from the store (which should be the keychain on macos ?).
My probem is that, without error or even warning, the store is empty and nothing is found inside it.
I use the StoreName My and the storeLocation CurrentUser.

I tried with a Console Application in .NET Core, and the very same code is working : I get a listing of my installed certificate, but my xamarin mac app doesn't find anything.

Now, I have theories about this. Xamarin.Mac looks heavily inspired from Xamarin.Ios too me, and I read that accessing certificates this way in Ios doesn't work this way. Do you think this could be a consequence from the similarities between the two frameworks ?
Could there be something I'm missing ? is the function just not implemented ?
I would like to know if you think I could manage accessing the keychain with xamarin.mac without too much trouble or if I need to use something else.
Thanks for you inputs

Best Answer

  • red_userred_user
    Accepted Answer

    Hey
    I "resolved" my problem. My problem was that, as i said, I was trying to read the keychain, when Mono X509 functions are trying to access a mono-specific certificate folder, by default located in its appdata.

    I don't know if it's possible to access the keychain by default on MacOs with these functions. I didn't try but I used a Xamarin.mac lib, the SecKeyChain class in the 'Security' Namespace, which do the job by directly working with the keychain.

    Too bad we can't do this with .NET standard code but I understand that MacOs is too capricious. Thanks for your answer !

Answers

  • ChrisHamonsChrisHamons USForum Administrator, Xamarin Team Xamurai

    Xamarin.Mac and Xamarin.iOS are sister products, and share both a lot of code and sit on top of mono.

    It does not surprise me that .NET core behaves differently. Consider porting your console app to a console app with mono (Other -> .NET -> Console Project) and see how it behaves.

    Also this documentation from mono might be useful to read.

    In any case, this sounds like a good documentation issue even if there isn't a bug (networking isn't my specialty)
    Please consider filing an issue on this after you've tested against mono, so we can look into this or document it.

  • red_userred_user Member
    Accepted Answer

    Hey
    I "resolved" my problem. My problem was that, as i said, I was trying to read the keychain, when Mono X509 functions are trying to access a mono-specific certificate folder, by default located in its appdata.

    I don't know if it's possible to access the keychain by default on MacOs with these functions. I didn't try but I used a Xamarin.mac lib, the SecKeyChain class in the 'Security' Namespace, which do the job by directly working with the keychain.

    Too bad we can't do this with .NET standard code but I understand that MacOs is too capricious. Thanks for your answer !

Sign In or Register to comment.