Menu
I'm trying to create a request with IP address SAN. This is the function that is responsible for creating the CAlternativeName:
public static CAlternativeNameClass GetCurrentIpName() {
//get current machine IP address
IPAddress ip = GetCurrentIp();
if (ip == null) {
return null;
}
try {
CAlternativeNameClass nameClass = new CAlternativeNameClass();
nameClass.InitializeFromString(AlternativeNameType.XCN_CERT_ALT_NAME_IP_ADDRESS, ip.ToString());
return nameClass;
} catch (Exception e) {
Console.WriteLine(e);
return null;
}
}
The problem is that I'm getting the next error:
System.ArgumentException: Value does not fall within the expected range.
at CERTENROLLLib.CAlternativeNameClass.InitializeFromString(AlternativeNameType Type, String strValue)
What am I doing wrong?
907
A SAN or subject alternative name is a structured way to indicate all of the domain names and IP addresses that are secured by the certificate. Included on the short list of items that are considered a SAN are subdomains and IP addresses.
InitializeFromString does not accept an AlternativeNameType of XCN_CERT_ALT_NAME_IP_ADDRESS**. You have to use InitializeFromRawData instead. The error is something of a misnomer because it's not actually the value parameter that's the issue, it's the type, but hey.
InitializeFromRawData takes a string as input (because this is Microsoft, not Ronseal), so you need to encode your raw data as a string so it can turn it in to raw data again:
String ipBase64 = Convert.ToBase64String(ip.GetAddressBytes());
nameClass.InitializeFromRawData(AlternativeNameType.XCN_CERT_ALT_NAME_IP_ADDRESS, EncodingType.XCN_CRYPT_STRING_BASE64, ipBase64);
About as intuitive as an Escher artpiece.
** Source: http://msdn.microsoft.com/en-us/library/windows/desktop/aa375024%28v=vs.85%29.aspx
95
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
