Creation of X509Certificate2 fails on Linux but works on Windows

[secana]

Creation of X509Certificate2 fails on Linux but works on Windows

Creating a X509Certificate2 instance from a byte array works on Windows but fails on Linux with a "CryptographicException".

General

Tested Systems:
Windows 10
Ubuntu 16.04, Ubuntu 17.10
OpenSuse 42

All tested with:
Dotnet Core Version: 2.0.2

Example code:

static void Main(string[] args)
{
      var cert = new X509Certificate2(Cert.CertBytes);
}

On Windows: Valid X509Certificate2 instance is created
On Linux: An exception is thrown:

{System.Security.Cryptography.CryptographicException: Cannot find the original signer.
   at Internal.Cryptography.Pal.PkcsFormatReader.TryReadPkcs7(SafePkcs7Handle pkcs7, Boolean single, ICertificatePal& certPal, List`1& certPals)
   at Internal.Cryptography.Pal.PkcsFormatReader.TryReadPkcs7Der(Byte[] rawData, Boolean single, ICertificatePal& certPal, List`1& certPals)
   at Internal.Cryptography.Pal.CertificatePal.FromBlob(Byte[] rawData, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags)
   at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(Byte[] data)
   at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(Byte[] rawData)
   at CertTest.Program.Main(String[] args) in /home/CertTest/Program.cs:line 14}

If the certificate is first parsed by BouncyCastle and then converted into a X509Certificate2 it works.
Example which works on Linux

static void Main(string[] args)
{
       var bouncy = new Org.BouncyCastle.X509.X509CertificateParser();
       var bcert = bouncy.ReadCertificate(Cert.CertBytes);
       var wcert = new System.Security.Cryptography.X509Certificates.X509Certificate2(bcert.GetEncoded());
}

[Petermarcu]

Issue moved to dotnet/corefx #25828 via ZenHub