There is a class named X509Certificate2 in the. NET Framework that uses the properties contained in this class to conveniently obtain information such as the serial number in the digital certificate of the first-in-number format, the date of validity, and the date of expiry. A detailed description of the class can be found on the MSDN website.
In the properties of this class, Issuer and Issuername, Subject, and subjectname look more like, and are easy to confuse. Here's how to do this:
1) The types of the Issuer and Subject properties are string, and with these two properties, you can get the distinguished Name of the certificate issuer and the certificate holder, respectively. Distinguished Name is usually a string similar to the following form: "Cn=myname, o=myorg, Ou=myorgunit, C=us"
This string is used internally as a delimiter (note is a comma in English, not a comma in Chinese), where CN represents Common Name,o represents the organization name, the OU represents the organization's subordinate body name, and C represents the country name.
2) The type of the Issuername and Subjectname properties is System.Security.Cryptography.X509Certificates.X500DistinguishedName, note that it is not a string. The X500distinguishedname has three attributes: Name, Oid, and RawData. You can also get distinguished name using the Name property. That
The values of X509certificate2.issuer and X509Certificate2.IssuerName.Name are equal;
The values of X509certificate2.subject and X509Certificate2.SubjectName.Name are equal.
For the distinguished name of the certificate issuer or holder, the part that is often used is the Common name, which is the content behind cn=. However, the. NET Framework does not directly provide a way to extract the Common name from distinguished name. Because distinguished name inside is used to separate the different meanings of the part, so you can use, as a delimiter, the distinguished Name is split into multiple substrings, and then find the cn= in the substring, find the later part of cn= extracted, so that You can get the value of Common Name. The specific implementation code is as follows:
/**************************************************
* Author: HAN Wei
* Author's blog: http://blog.csdn.net/henter/
* Date: April 23rd, 2015
* Description: demonstrate how to extract Common Name
* from Distinguished Name
**************************************************/
using System;
namespace ExtractCnFromDn
{
class Program
{
public static string ExtractCommonNameFromDN(string DistinguishedName)
{
if (String.IsNullOrEmpty(DistinguishedName))
{
throw new ArgumentNullException("Distinguishedname");
}
string strCommonName = string.Empty;
bool bFoundSubStr = false;
string strStartSubStr = "CN=";
char[] chDelimiterChars = { ',' };
string[] NameArray = DistinguishedName.Split(chDelimiterChars);
int iNameLength;
for (int i = 0; i < NameArray.Length; i++)
{
iNameLength = NameArray[i].Length;
if (iNameLength > 3)
{
if (String.Compare(strStartSubStr, NameArray[i].Substring(0, 3), true) == 0)
{
strCommonName = NameArray[i].Substring(3, (iNameLength - 3));
bFoundSubStr = true;
break;
}
}
}
if (bFoundSubStr == false)
strCommonName = string.Empty;
return strCommonName;
}
/*************************************************/
static void Main(string[] args)
{
string strDn = "CN=测试人员, [email protected], S=上海市, C=CN"; /* 注意这里的 , 不是中文里的逗号 */
string strCn = string.Empty;
try
{
strCn = ExtractCommonNameFromDN(strDn);
}
catch (ArgumentNullException e)
{
Console.WriteLine("Error message: {0}", e.Message);
Console.ReadLine();
return;
}
Console.WriteLine("Distinguished name: {0}", strDn);
Console.WriteLine("Common name: {0}", strCn);
Console.ReadLine();
return;
}
}
}
Use the X509Certificate2 class in C # to obtain name information for the issuer and bearer of a digital certificate