Skip to content

Add hint that Export might be required #12374

New issue
New issue
Open
Open
Add hint that Export might be required#12374
Labels
area-System.SecurityIssues related to security practices for .NET developers.untriagedNew issue has not been triaged by the area owner
@akulicke

Description

@akulicke
akulicke
opened on Mar 6, 2026

Type of issue

Typo

Description

Hi, it would be nice to add a hint that the certificate that is loaded via "X509Certificate2.CreateFromPemFile()" cannot be used in some scenarios directly.
If you want the present it to your Kestrel server it is not valid, not allowing a client to connect (No Server Hello).
You would need to export/create it like so:

            certificate = X509Certificate2.CreateFromPemFile(
                certificatePath,
                certificatePrivatePath);
            certificate = new X509Certificate2(certificate.Export(X509ContentType.Pkcs12));

Page URL

https://learn.microsoft.com/en-us/dotnet/api/system.security.cryptography.x509certificates.x509certificate2.createfrompemfile?view=net-10.0

Content source URL

https://github.com/dotnet/dotnet-api-docs/blob/main/xml/System.Security.Cryptography.X509Certificates/X509Certificate2.xml

Document Version Independent Id

dcb4e1f8-d29a-bf51-2d12-58d8c06cbf54

Platform Id

d378ae0e-0999-c43e-e3c6-d63fa87b0002

Article author

@dotnet-bot

Metadata

Metadata

Assignees

No one assigned

    Labels

    area-System.SecurityIssues related to security practices for .NET developers.untriagedNew issue has not been triaged by the area owner

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions