UPDATE: Creating a Self-Signed X.509 Certificate in C#
Question:
We think about ordering the Chilkat Email .NET Component and use it for sending digitally signed and encypted mail. The examples work fine with our exiting digital certificates.
The question is: Is it possible to create new certificates based upon an exisiting one by code? Is it possible to create, sign, and manage X.509 Digital Certificates?
Can you provide such a feature in any way or give code examples in C# how to do this?
Answer:
The quick answer is that no, Chilkat does not provide an API to create certificates. It does provide the API to manage certs and cert stores, and to use the certificates for signing, encrypting, verifying signatures, and decrypting.
If you create a certificate yourself and not through a Certificate Authority (such as Thawte, Verisign, etc.) then your cert is not trusted outside your organization. This means you cannot use it for authentication with the external world. However, self-created certificates can still be useful for the purpose of testing data against tampering.
There is a makecert.exe program that comes with the .NET Developer Studio. One thought is to execute a shell command from within your program to make the cert. In C#, there is example code here: http://www.c-sharpcorner.com/Code/2002/July/ShellCommandsInCS.asp.
C++ or VB6 program could use the ShellExecute Win32 function.
I am not aware of a specific API to do certificate creation in Windows.