open System open Org.BouncyCastle.Asn1.X509 open Org.BouncyCastle.Crypto open Org.BouncyCastle.Security open Org.BouncyCastle.Math open Org.BouncyCastle.Crypto.Prng open Org.BouncyCastle.Crypto.Generators open Org.BouncyCastle.Pkcs open Org.BouncyCastle.X509 let kpg = RsaKeyPairGenerator() kpg.Init(KeyGenerationParameters(SecureRandom(CryptoApiRandomGenerator()), 1024)) let kp = kpg.GenerateKeyPair() let gen = X509V3CertificateGenerator() let certName = X509Name("CN=PickAName") let serialNo = BigInteger.ProbablePrime(120, new Random()) gen.SetSerialNumber(serialNo) gen.SetSubjectDN(certName) gen.SetIssuerDN(certName) gen.SetNotAfter(DateTime.Now.AddYears(100)) gen.SetNotBefore(DateTime.Now.Subtract(TimeSpan(7, 0, 0, 0))) gen.SetSignatureAlgorithm("MD5WithRSA") gen.SetPublicKey(kp.Public) let cert = gen.Generate(kp.Private) let store = Pkcs12Store() let friendlyName = cert.IssuerDN.ToString() let entry = X509CertificateEntry(cert) store.SetCertificateEntry(friendlyName, entry) store.SetKeyEntry(friendlyName, AsymmetricKeyEntry(kp.Private), [| entry |]) store.Save(IO.File.OpenWrite("X509.store"), Seq.toArray "A password here", SecureRandom(CryptoApiRandomGenerator()))