Signing a PDF with an X509 Certificate contained within the Windows Certificate Store using C# .NET Core (2.0)

Question

In previous versions of SyncFusion (.NET Framework) the following code was used to retrieve a certificate from the Windows Certificate store and then use that to create a PdfCertificate with which a PDF could then be signed:

var cert = PdfCertificate.FindBySubject(StoreType.MY, "MyCertificateSubject");

var signature = new PdfSignature(myDocument, myPage, cert, myFieldName);

The FindBySubject method no longer exists on the PdfCertificate class in the NuGet package I'm using (Syncufions.Pdf.NETStandard v16.1.0.32) and instead the only way to create a PdfCertificate is to use the following code:

var cert = new PdfCertificate(myCertStream, myPassword);

This new approach requires me to store my certificate file (PFX) on the server which is a giant security no-no AND include my password either in the a configuration store or in the code which is another huge security no-no.

Are there any plans to restore the previous functionality wherein an X509 Certificate can be retrieved form the Windows Certificate store instead of having to passed in as a stream along with a password? If so, is there an estimated timeline / ETA or beta-program?

Sasi Kumar Sekar · Answer

Hi Mark, 
 
As of now we have provided the support for retrieving certificate from the windows certificate store (PdfCertificate.FindBySubject) in Windows Forms, WPF, Asp.Net and Asp.Net MVC platforms and this feature is not included in the .Net Core platform. Using the X509Certificate2 we can sign the PdfDocument from the Store and recently we implemented the support for X509Certificate2 as a parameter of PdfCertificate constructor in .Net Core 2.0 and the feature will be available in the Essential Studio volume 2 release, it will be available in June 2018. If you need a patch for the X509Certificate2 implementation, please create the incident we will merge the patch for you. 
 
Regards, 
Sasi Kumar S.