To encrypt data on the data link layer when working over the Internet, we use X509 certificates. Deploying these certificates according to the instructions attached to our products is a very tedious process.
All attempts to write batch files or utilities to automate this work were unsuccessful, because they all usually work only on the machine on which they are developed. Any console utilities like makecert also work only in their version of Windows.
Maybe there are some libraries that provide a level of abstraction over the dependence of certificates on the environment? They need to be embedded either in an application written in C# or in a WiX installer.
We have the following requirements.
- The user should be able to create a certificate by entering the file name through the save file dialog and password. The created certificate must be associated with our root certificate authority.
- Import either your certificate, or one created in the previous step, into the "Trustees" storage of the local computer. In this case, if not yet created, our root certification authority should be automatically created in the appropriate store.
- Depending on whether the client or server is configured, either the .cer file or the .pfx file must be loaded.
- If the user entered the wrong password when importing the certificate, it must be clearly reported, without any "process {0} exited with code -1".
That is, the user must be able to configure certificates with one button in the presence of a ready certificate. Creating a certificate should also be possible with one button.
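
The create and import requirements above, sketched as an added example that is not part of the original post: it uses only the .NET base class library (`CertificateRequest`, assumed available, i.e. .NET Framework 4.7.2 or .NET Core 2.0 and later) to issue a certificate under a root CA and to report a wrong PFX password as a readable message. The class name, subject names and passwords are constructed for the demo, and the root CA is created in memory only so the sample runs on its own.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
static class CertSetup // hypothetical helper class, not from the original post
{
    // Issue a leaf certificate signed by `root`; return it as password-protected PFX bytes.
    public static byte[] IssuePfx(X509Certificate2 root, string subject, string password)
    {
        using (RSA key = RSA.Create(2048))
        {
            var req = new CertificateRequest(subject, key, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
            req.CertificateExtensions.Add(new X509BasicConstraintsExtension(false, false, 0, false));
            byte[] serial = new byte[16];
            using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(serial);
            serial[0] &= 0x7F; // keep the serial number positive
            DateTimeOffset now = DateTimeOffset.UtcNow;
            // The validity period must lie inside the root's, otherwise Create throws.
            using (X509Certificate2 pub = req.Create(root, now, now.AddYears(1), serial))
            using (X509Certificate2 leaf = pub.CopyWithPrivateKey(key))
                return leaf.Export(X509ContentType.Pfx, password);
        }
    }
    // Load a PFX and turn a failed import into a message the user can act on.
    public static X509Certificate2 LoadPfx(byte[] pfx, string password)
    {
        try { return new X509Certificate2(pfx, password); }
        catch (CryptographicException ex)
        {
            // On Windows a wrong password surfaces as ERROR_INVALID_PASSWORD (86).
            bool badPassword = (ex.HResult & 0xFFFF) == 86;
            throw new InvalidOperationException(badPassword
                ? "The password for this certificate file is incorrect."
                : "The file could not be read: wrong password or damaged file.", ex);
        }
    }
    static void Main()
    {
        using (RSA rootKey = RSA.Create(3072))
        {
            // Constructed demo root; a real root CA key is generated once and kept protected.
            var rootReq = new CertificateRequest("CN=Example Root CA", rootKey, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
            rootReq.CertificateExtensions.Add(new X509BasicConstraintsExtension(true, false, 0, true));
            using (X509Certificate2 root = rootReq.CreateSelfSigned(DateTimeOffset.UtcNow.AddMinutes(-1), DateTimeOffset.UtcNow.AddYears(10)))
            {
                byte[] pfx = IssuePfx(root, "CN=client-01", "correct horse");
                Console.WriteLine(LoadPfx(pfx, "correct horse").Issuer);
                try { LoadPfx(pfx, "wrong"); } catch (InvalidOperationException ex) { Console.WriteLine(ex.Message); }
            }
        }
    }
}
```

A loaded certificate can then be added to a local-machine store with `X509Store` opened with `OpenFlags.ReadWrite`, which requires an elevated process.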