views:

17

answers:

1

The .NET class System.Security.Cryptography.X509Certificates.X509Extension does not support some X.509 extensions I want to parse (subject alternative name, name constraints). The MSDN page for this class states "Custom extensions can be registered in a CryptoConfig file" (link), but the description of the CryptoConfig class discusses only setting up custom cryptographic algorithm implementations -- it is not obvious how to register a custom X.509 extension.

Does anyone know how to do this?

A: 

If you don't find a solution with the built-in class, take a look at our PKI components of SecureBlackbox. They let you manage custom extensions easily.

Eugene Mayevski 'EldoS Corp
Thanks.I didn't find a clean solution, but it turns out the X509Certificate2.Extensions field will enumerate unrecognised extensions as bare X509Extension instances -- these expose the DER-encoded ASN.1 data in the RawData field (which can be hand parsed.)
KaiEkkrin