Mailing List



NerdyHearn - Blog

<< Back To All Blogs

Enumerating a user secure certificate store in C#

Tuesday, July 14th, 2009

Reading a user's certificate store can be a very useful thing in C#, especially when dealing with anything at a low-level Windows usage, such as checking to see if the user on a domain has a valid certificate to use an Encrypted File System (EFS).

It is pretty straight-forward, so without further ado, here is how it is done:

X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser);

store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);

foreach (X509Certificate2 cert in store.Certificates)


    // Cert thumbprint

    string thumbprint = cert.Thumbprint;

    // Cert serial number

    string serial = cert.SerialNumber;

    // Cert issuer

    string issuer = cert.Issuer;

    // Cert notbefore entry

    DateTime notbefore = cert.NotBefore;

    // Cert notafter entry

    DateTime notafter = cert.NotAfter;

    // Enumerate cert extensions, you can then cast them to their specific cert extension type if needed

    foreach (X509Extension ext in cert.Extensions)


        string friendlyname = ext.Oid.FriendlyName;

        string value = ext.Oid.Value;



That's all I have for now, pretty short entry, but a useful bit of code.

X509in' Tom Out.



Related Blogs

Retrieving the SID of a user or group account using the Win32 SDK and C#
Updating an LDAP Property in C#

ConnectionString Switcharoo
Reading Digital Signatures from InfoPath Forms in MOSS 2007 and WSS 3.0 Workflow


Currently no comments.

Add A Comment



Email Address: (not public, used to send notifications on further comments)


Enter the text above, except for the 1st and last character:

NerdyHearn - Latest tech news relating to C#, ASP.NET, SharePoint, PHP, general development, and more. SaveMySerials - Protect yourself from theft, fire, natural disasters and more by recording your serial numbers