49

For a secure application I need to select a certificate in a dialog. How can I access certificate store or a part of it (e.g. storeLocation="Local Machine" and storeName="My") using C# and get a collection of all certificates from there?

starball

5 Answers

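81

    // using System.Security.Cryptography.X509Certificates;
    // Open the Local Machine "My" (Personal) store read-only.
    X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
    store.Open(OpenFlags.ReadOnly);

    // store.Certificates is a snapshot of the store's contents.
    foreach (X509Certificate2 certificate in store.Certificates)
    {
        //TODO's
    }

    store.Close();
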
Tobias
acejologz
20

Try this:

    //using System.Security.Cryptography.X509Certificates;
    public static X509Certificate2 selectCert(StoreName store, StoreLocation location, string windowTitle, string windowMsg)
    {
        X509Certificate2 certSelected = null;
        X509Store x509Store = new X509Store(store, location);
        x509Store.Open(OpenFlags.ReadOnly);

        // Show the standard certificate selection dialog for the whole store.
        X509Certificate2Collection col = x509Store.Certificates;
        X509Certificate2Collection sel = X509Certificate2UI.SelectFromCollection(col, windowTitle, windowMsg, X509SelectionFlag.SingleSelection);

        // The collection is empty if the user cancelled the dialog.
        if (sel.Count > 0)
        {
            X509Certificate2Enumerator en = sel.GetEnumerator();
            en.MoveNext();
            certSelected = en.Current;
        }

        x509Store.Close();

        return certSelected;
    }

Cobaia
  • 13
    LINQ makes this easier: `x509Store.Certificates.OfType<X509Certificate2>().FirstOrDefault(cert => cert.IssuerName.Name.EndsWith("DC=mysite, DC=com"));` – Jonathan DeMarks Mar 28 '12 at 12:31
  • @JonathanDeMarks: what exactly does the `"DC=mysite, DC=com"` signify here? None of these examples seem to show how to get a _specific_ certificate... – Nyerguds Jun 27 '13 at 09:32
  • @Nyerguds The question is: Get list of certificates from the certificate store in C#, not specific. Please create another question. – Cobaia Jun 27 '13 at 11:27
11

The simplest way to do that is by opening the certificate store you want and then using X509Certificate2UI.

    var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
    store.Open(OpenFlags.ReadOnly);
    var selectedCertificate = X509Certificate2UI.SelectFromCollection(
        store.Certificates,
        "Title",
        "MSG",
        X509SelectionFlag.SingleSelection);

More information in X509Certificate2UI on MSDN.

Roni Fuchs
  • 1
    To use `X509Certificate2UI` I need to add a reference to `System.Security.dll`, however this works like a charm +1 `:)`. Also to use a user keystore I use `StoreLocation.CurrentUser` instead of `StoreLocation.LocalMachine`. – albciff May 21 '15 at 09:42
4

Yes -- the X509Store.Certificates property returns a snapshot of the X.509 certificate store.

Steve Gilham
1

Example for the above question.

    // using System;
    // using System.Collections.Generic;
    // using System.Security.Cryptography.X509Certificates;
    public List<string> getListofCertificate()
    {
        var certificates = new List<string>();
        // With only a location given, the "My" (Personal) store is opened.
        X509Store store = new X509Store(StoreLocation.CurrentUser);
        try
        {
            store.Open(OpenFlags.ReadOnly);

            // Place all certificates in an X509Certificate2Collection object.
            X509Certificate2Collection certCollection = store.Certificates;
            foreach (X509Certificate2 x509 in certCollection)
            {
                Console.WriteLine(x509.IssuerName.Name);
                certificates.Add(x509.IssuerName.Name);
            }
        }
        finally
        {
            store.Close();
        }
        return certificates;
    }
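
An added example (not part of any answer above, and not code from their authors): it opens the store as the answers do, then narrows the snapshot to certificates worth offering in a selection dialog. The class and method names, and the assumption that the application wants a client-authentication certificate with a private key, are illustrative; disposing `X509Store` with `using` assumes .NET Framework 4.6 or later.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

public static class CertStoreFilter // hypothetical name, added example
{
    // OID of the "Client Authentication" enhanced key usage (assumed requirement).
    private const string ClientAuthOid = "1.3.6.1.5.5.7.3.2";

    // Returns the certificates in the store that are within their validity
    // period, have a private key and permit client authentication.
    public static X509Certificate2Collection GetUsableCertificates(StoreName name, StoreLocation location)
    {
        var usable = new X509Certificate2Collection();
        using (var store = new X509Store(name, location))
        {
            store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
            // validOnly: false checks the date range only, not the chain.
            X509Certificate2Collection inDate = store.Certificates.Find(
                X509FindType.FindByTimeValid, DateTime.Now, false);
            foreach (X509Certificate2 cert in inDate)
            {
                if (cert.HasPrivateKey && AllowsClientAuth(cert))
                    usable.Add(cert);
            }
        }
        return usable;
    }

    // A certificate with no EKU extension is not restricted to any usage.
    private static bool AllowsClientAuth(X509Certificate2 cert)
    {
        foreach (X509Extension ext in cert.Extensions)
        {
            var eku = ext as X509EnhancedKeyUsageExtension;
            if (eku == null) continue;
            foreach (Oid oid in eku.EnhancedKeyUsages)
                if (oid.Value == ClientAuthOid) return true;
            return false;
        }
        return true;
    }

    public static void Main()
    {
        foreach (X509Certificate2 cert in GetUsableCertificates(StoreName.My, StoreLocation.CurrentUser))
            Console.WriteLine($"{cert.Thumbprint}  {cert.Subject}  expires {cert.NotAfter:u}");
    }
}
```

The returned collection can be passed to `X509Certificate2UI.SelectFromCollection` in place of `store.Certificates`, so the dialog lists only certificates the application could actually use.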