Discuss this help topic in SecureBlackbox Forum
Load certificate and private key from different sources
Certain X.509 certificate formats assume storing the certificate itself and its private key separately, in different files. The examples of such formats are DER (with certificate files typically having a .csr, .cer or .crt extension), and PKCS7 (.p7b). PEM format supports storing private keys either together as well as separately from the certificates.
There is just one important thing that you should take into account when loading a certificate and its key separately: you load the certificate first. Once the certificate is loaded, you can load the key. The things won't work the other way round, you can't load the key prior to the certificate.
The whole procedure looks as the following.
TElX509Certificate cert = new TElX509Certificate();
cert.LoadFromStream(certStream);
int res = cert.LoadKeyFromStreamPEM(keyStream, "password");
if (res != 0)
{
throw new Exception("Bad key format or password");
}