CertificateRevocationListBuilder.Build Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Overloads
| Build(X509Certificate2, BigInteger, DateTimeOffset, HashAlgorithmName, RSASignaturePadding, Nullable<DateTimeOffset>) |
Builds a Certificate Revocation List (CRL) signed by the specified certificate. |
| Build(X500DistinguishedName, X509SignatureGenerator, BigInteger, DateTimeOffset, HashAlgorithmName, X509AuthorityKeyIdentifierExtension, Nullable<DateTimeOffset>) |
Builds a Certificate Revocation List (CRL). |
Build(X509Certificate2, BigInteger, DateTimeOffset, HashAlgorithmName, RSASignaturePadding, Nullable<DateTimeOffset>)
Builds a Certificate Revocation List (CRL) signed by the specified certificate.
public byte[] Build (System.Security.Cryptography.X509Certificates.X509Certificate2 issuerCertificate, System.Numerics.BigInteger crlNumber, DateTimeOffset nextUpdate, System.Security.Cryptography.HashAlgorithmName hashAlgorithm, System.Security.Cryptography.RSASignaturePadding? rsaSignaturePadding = default, DateTimeOffset? thisUpdate = default);member this.Build : System.Security.Cryptography.X509Certificates.X509Certificate2 * System.Numerics.BigInteger * DateTimeOffset * System.Security.Cryptography.HashAlgorithmName * System.Security.Cryptography.RSASignaturePadding * Nullable<DateTimeOffset> -> byte[]Public Function Build (issuerCertificate As X509Certificate2, crlNumber As BigInteger, nextUpdate As DateTimeOffset, hashAlgorithm As HashAlgorithmName, Optional rsaSignaturePadding As RSASignaturePadding = Nothing, Optional thisUpdate As Nullable(Of DateTimeOffset) = Nothing) As Byte()Parameters
- issuerCertificate
- X509Certificate2
The certificate representing the Certificate Authority (CA) that is creating this Certificate Revocation List.
- crlNumber
- BigInteger
The sequence number for this CRL. Per IETF RFC 5280, this value must always increase from one CRL to the next for a given CA.
- nextUpdate
- DateTimeOffset
The latest possible time before the CA will publish a newer CRL, generally treated as an expiration date for this CRL.
- hashAlgorithm
- HashAlgorithmName
The hash algorithm to use when signing the CRL.
- rsaSignaturePadding
- RSASignaturePadding
For Certificate Authorities with RSA keys, this parameter is required and specifies the RSA signature padding mode to use when signing the CRL.
For all other algorithms, this parameter is ignored.
The default is null.
- thisUpdate
- Nullable<DateTimeOffset>
An optional value that specifies when this CRL was created, or null to use the current system time.
The default is null.
Returns
An array that contains the bytes of the signed CRL.
Exceptions
issuerCertificate does not have an associated private key.
-or-
issuerCertificate uses a public key algorithm that is unknown,
or not supported by this implementation.
-or-
issuerCertificate does not have a Basic Constraints extension.
-or-
issuerCertificate has a Basic Constraints extension that indicates
it is not a valid Certificate Authority certificate.
-or-
issuerCertificate has a Key Usage extension that lacks the
CrlSign usage.
-or-
issuerCertificate has an RSA private key but
rsaSignaturePadding is null.
-or-
issuerCertificate has an unknown key algorithm.
-or-
nextUpdate is older than thisUpdate.
-or-
hashAlgorithm has the empty string as the value of
Name.
-or-
rsaSignaturePadding was not recognized.
crlNumber is negative.
an error occurred during signing.
Applies to
Build(X500DistinguishedName, X509SignatureGenerator, BigInteger, DateTimeOffset, HashAlgorithmName, X509AuthorityKeyIdentifierExtension, Nullable<DateTimeOffset>)
Builds a Certificate Revocation List (CRL).
public byte[] Build (System.Security.Cryptography.X509Certificates.X500DistinguishedName issuerName, System.Security.Cryptography.X509Certificates.X509SignatureGenerator generator, System.Numerics.BigInteger crlNumber, DateTimeOffset nextUpdate, System.Security.Cryptography.HashAlgorithmName hashAlgorithm, System.Security.Cryptography.X509Certificates.X509AuthorityKeyIdentifierExtension authorityKeyIdentifier, DateTimeOffset? thisUpdate = default);member this.Build : System.Security.Cryptography.X509Certificates.X500DistinguishedName * System.Security.Cryptography.X509Certificates.X509SignatureGenerator * System.Numerics.BigInteger * DateTimeOffset * System.Security.Cryptography.HashAlgorithmName * System.Security.Cryptography.X509Certificates.X509AuthorityKeyIdentifierExtension * Nullable<DateTimeOffset> -> byte[]Public Function Build (issuerName As X500DistinguishedName, generator As X509SignatureGenerator, crlNumber As BigInteger, nextUpdate As DateTimeOffset, hashAlgorithm As HashAlgorithmName, authorityKeyIdentifier As X509AuthorityKeyIdentifierExtension, Optional thisUpdate As Nullable(Of DateTimeOffset) = Nothing) As Byte()Parameters
- issuerName
- X500DistinguishedName
The subject name of the certificate for the Certificate Authority (CA) that is issuing this CRL.
- generator
- X509SignatureGenerator
A signature generator to produce the CA signature for this CRL.
- crlNumber
- BigInteger
The sequence number for this CRL. Per IETF RFC 5280, this value must always increase from one CRL to the next for a given CA.
- nextUpdate
- DateTimeOffset
The latest possible time before the CA will publish a newer CRL, generally treated as an expiration date for this CRL.
- hashAlgorithm
- HashAlgorithmName
The hash algorithm to use when signing the CRL.
- authorityKeyIdentifier
- X509AuthorityKeyIdentifierExtension
The Authority Key Identifier to use in this CRL, identifying the CA certificate.
- thisUpdate
- Nullable<DateTimeOffset>
An optional value that specifies when this CRL was created, or null to use the current system time.
The default is null.
Returns
An array that contains the bytes of the signed CRL.
Exceptions
issuerName, generator, or
authorityKeyIdentifier is null.
-or-
hashAlgorithm has null as the value of
Name.
crlNumber is negative.
an error occurred during signing.
Applies to
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for