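/// <summary>
/// Returns the certificate named <paramref name="name"/> from the given store, or builds,
/// signs and stores a new X.509 v3 certificate when <c>LoadCertificate</c> finds none.
/// </summary>
/// <param name="name">Common name of the subject; also the name used for the store lookup.</param>
/// <param name="extensions">Extensions copied into a newly built certificate. Only read when a certificate has to be created.</param>
/// <param name="issuerCertificate">Certificate whose private key signs the new certificate, or <c>null</c> to sign with the new certificate's own key (self-signed).</param>
/// <param name="issuer">Common name written into the issuer field.</param>
/// <param name="storeName">Store handed to <c>LoadCertificate</c> and <c>StoreCertificate</c>.</param>
/// <param name="validity">Lifetime in days, counted from the time of creation.</param>
/// <returns>The existing certificate, or the new certificate with its RSA private key attached.</returns>
/// <exception cref="ArgumentNullException">A certificate must be created and <paramref name="extensions"/> is <c>null</c>.</exception>
/// <exception cref="InvalidOperationException"><paramref name="issuerCertificate"/> is given but exposes no private key to sign with.</exception>
private MSX509.X509Certificate2 CreateCertificate(string name, List<X509Extension> extensions, MSX509.X509Certificate2 issuerCertificate, string issuer, MSX509.StoreName storeName, int validity)
{
    // Reuse a certificate that already exists; nothing is generated in that case.
    MSX509.X509Certificate2 certificate = LoadCertificate(name, storeName, location_);
    if (certificate != null)
    {
        return certificate;
    }

    // Validate before generating a key or writing to the store, so a bad call fails
    // with a clear exception rather than a NullReferenceException part-way through.
    if (extensions == null)
    {
        throw new ArgumentNullException("extensions");
    }

    var issuerKey = issuerCertificate == null ? null : issuerCertificate.PrivateKey;
    if (issuerCertificate != null && issuerKey == null)
    {
        throw new InvalidOperationException("The issuer certificate has no private key available for signing.");
    }

    state_.Logger.Information("Create X509.v3 certificate for '{0}'", name);

    // NOTE(review): RSA.Create() uses the platform default key size, which may be below
    // 2048 bits on older runtimes. Confirm the size or set it explicitly.
    PrivateKey key = new PrivateKey();
    key.RSA = RSA.Create();

    X509CertificateBuilder builder = new X509CertificateBuilder(3);
    builder.SerialNumber = GenerateSerial();

    // NOTE(review): name and issuer are concatenated into the distinguished names unescaped.
    // If either value can originate outside the application, validate or escape DN
    // metacharacters (',', '+', '=') before this point.
    builder.IssuerName = "CN=" + issuer;
    builder.SubjectName = "CN=" + name;
    builder.SubjectPublicKey = key.RSA;
    builder.NotBefore = DateTime.Now;
    builder.NotAfter = builder.NotBefore.AddDays(validity);

    // NOTE(review): SHA-1 is no longer collision-resistant and current TLS stacks and
    // browsers reject SHA-1-signed certificates. Kept here to preserve behaviour; move to a
    // SHA-2 hash once the builder version and the signing key's provider are confirmed to
    // support it.
    builder.Hash = "SHA1";

    foreach (X509Extension extension in extensions)
    {
        builder.Extensions.Add(extension);
    }

    // Without an issuer certificate the new key signs its own certificate (self-signed).
    var signator = issuerCertificate == null ? key.RSA : issuerKey;
    byte[] raw = builder.Sign(signator);

    // Store the encoded certificate together with its key, then return an instance that
    // carries the private key.
    StoreCertificate(name, raw, key.RSA, storeName, location_);
    certificate = new MSX509.X509Certificate2(raw);
    certificate.PrivateKey = key.RSA;
    return certificate;
}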