CryptokiCollection
.
// read the certificate X509Certificate2 cert = new X509Certificate2(Convert.FromBase64String(certPEM)); // gets the id in binary format byte[] id = Encoding.ASCII.GetBytes("MyKeyPairID");// creates the template CryptokiCollection template = new CryptokiCollection(); template.Add(new ObjectAttribute(ObjectAttribute.CKA_CLASS, CryptokiObject.CKO_CERTIFICATE)); template.Add(new ObjectAttribute(ObjectAttribute.CKA_CERTIFICATE_TYPE, Certificate.CKC_X_509)); template.Add(new ObjectAttribute(ObjectAttribute.CKA_TOKEN, true)); template.Add(new ObjectAttribute(ObjectAttribute.CKA_PRIVATE, false)); template.Add(new ObjectAttribute(ObjectAttribute.CKA_LABEL, "MyLabel")); template.Add(new ObjectAttribute(ObjectAttribute.CKA_ID, id)); template.Add(new ObjectAttribute(ObjectAttribute.CKA_SUBJECT, cert.SubjectName.RawData)); template.Add(new ObjectAttribute(ObjectAttribute.CKA_ISSUER, cert.Issuer)); template.Add(new ObjectAttribute(ObjectAttribute.CKA_SERIAL_NUMBER,cert.SerialNumber)); template.Add(new ObjectAttribute(ObjectAttribute.CKA_VALUE, cert.RawData)); // creates the certificate object in the token CryptokiObject certificate = session.Objects.Create(template);