From 8d7bd3dc883e3ccd15c9916dfc945d04e20f7898 Mon Sep 17 00:00:00 2001 From: Jeremy Barton Date: Thu, 31 Oct 2024 11:16:53 -0700 Subject: [PATCH] Change "Base64" to "PEM" in reference to cert text formats When used to describe the inputs to these methods, the references to Base64 really meant PEM, which utilizes Base64 within the encapsulation boundary. There are still references to Base64 remaining, but they are used correctly, explaining PEM. --- .../X509Certificate2.xml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/xml/System.Security.Cryptography.X509Certificates/X509Certificate2.xml b/xml/System.Security.Cryptography.X509Certificates/X509Certificate2.xml index b73ea22ecac..34180a269fe 100644 --- a/xml/System.Security.Cryptography.X509Certificates/X509Certificate2.xml +++ b/xml/System.Security.Cryptography.X509Certificates/X509Certificate2.xml @@ -225,7 +225,7 @@ object using certificate information from a byte array. The byte array can be binary (DER) encoded or Base64-encoded X.509 data. The byte array can also be a PKCS7 (Authenticode) signed file; the signer certificate is used to create the object. + This constructor creates a new object using certificate information from a byte array. The byte array can be binary (DER) encoded or PEM-encoded X.509 data. The byte array can also be a PKCS7 (Authenticode) signed file; the signer certificate is used to create the object. If you create an certificate by specifying a PKCS7 signed file store for `rawData`, the is created for the certificate that signed the store rather than for any of the certificates within the store. @@ -466,7 +466,7 @@ object using a certificate file name. It supports binary (DER) encoding or Base64 encoding. + This constructor creates a new object using a certificate file name. It supports binary (DER) encoding or PEM encoding. If you create an certificate by specifying a PKCS7 signed file store for `fileName`, the is created for the certificate that signed the store rather than for any of the certificates within the store. @@ -2427,7 +2427,7 @@ The certificate is encoded according to the IETF RFC 7468 "strict" ## Remarks This method can be used to take a raw byte array of an X.509 certificate and populate the object with its associated values. - Since this method accepts only a byte array, it can be used only for certificate types that do not require a password, including a Base64-encoded or DER-encoded X.509 certificate or a PFX/PKCS12 certificate. Note that a PFX/PKCS12 certificate can contain more than one certificate. In that case, the first certificate associated with a private key is used or, if no private key is found, the first certificate is used. + Since this method accepts only a byte array, it can be used only for certificate types that do not require a password, including a PEM-encoded or DER-encoded X.509 certificate or a PFX/PKCS12 certificate. Note that a PFX/PKCS12 certificate can contain more than one certificate. In that case, the first certificate associated with a private key is used or, if no private key is found, the first certificate is used. ]]> @@ -2491,7 +2491,7 @@ The certificate is encoded according to the IETF RFC 7468 "strict" ## Remarks This method uses a certificate file, such as a file with a .cer extension, that represents an X.509 certificate and populates the object with the certificate the file contains. - This method can be used with several certificate types, including Base64-encoded or DER-encoded X.509 certificates, PFX/PKCS12 certificates, and signer certificates such as Authenticode. Note that a PFX/PKCS12 certificate can contain more than one certificate. In that case, the first certificate associated with a private key is used or, if no private key is found, the first certificate is used. + This method can be used with several certificate types, including PEM-encoded or DER-encoded X.509 certificates, PFX/PKCS12 certificates, and signer certificates such as Authenticode. Note that a PFX/PKCS12 certificate can contain more than one certificate. In that case, the first certificate associated with a private key is used or, if no private key is found, the first certificate is used. ]]> @@ -2569,7 +2569,7 @@ The certificate is encoded according to the IETF RFC 7468 "strict" [!IMPORTANT] > Never hard code a password within your source code. Hard-coded passwords can be retrieved from an assembly using the [Ildasm.exe (IL Disassembler)](/dotnet/framework/tools/ildasm-exe-il-disassembler), a hex editor, or by simply opening up the assembly in a text editor such as Notepad.exe. @@ -2648,7 +2648,7 @@ The certificate is encoded according to the IETF RFC 7468 "strict" ## Remarks This method can be used to populate an object using a password for the certificate represented by the byte array. The value can be used to control where and how to import the private key. - This method accepts a byte array and can be used for certificate types such as Base64-encoded or DER-encoded X.509 certificates or PFX/PKCS12 certificates. Note that a PFX/PKCS12 certificate can contain more than one certificate. In that case, the first certificate associated with a private key is used or, if no private key is found, the first certificate is used. + This method accepts a byte array and can be used for certificate types such as PEM-encoded or DER-encoded X.509 certificates or PFX/PKCS12 certificates. Note that a PFX/PKCS12 certificate can contain more than one certificate. In that case, the first certificate associated with a private key is used or, if no private key is found, the first certificate is used. > [!IMPORTANT] > Never hard code a password within your source code. Hard-coded passwords can be retrieved from an assembly using the [Ildasm.exe (IL Disassembler)](/dotnet/framework/tools/ildasm-exe-il-disassembler), a hex editor, or by simply opening up the assembly in a text editor such as Notepad.exe.