Can I list locally installed digital certificates with C#?

StackOverflow https://stackoverflow.com/questions/18144141

Question

I've been trying to find the way to get information on digital certificates currently installed on the local computer -- any method that would allow to get a collection of X509Certificate2 classes.

I was able to find this question which explains how to get it from a .pfx file.

Any idea how to do it for already installed certs?

Was it helpful?

Solution

As a starter you could have a look at this code:

using System;
using System.Security.Cryptography.X509Certificates;

namespace Encryption
   {
   class CertificateTest
      {
      static void Main()
         {
         X509Store store = new X509Store(StoreName.Root,
            StoreLocation.LocalMachine);
         store.Open(OpenFlags.ReadOnly);
         Console.WriteLine("Friendly Name\t\t\t\t\t Expiration date");
         foreach (X509Certificate2 certificate in store.Certificates)
            {
            Console.WriteLine("{0}\t{1}", certificate.FriendlyName,
               certificate.NotAfter);
            }
         store.Close();
         }
      }
   }

There are many more advanced samples available online. Look for System.Security.Cryptography.X509Certificates as keyword.

The following code lists your own certificates and their attributes.

static void o(string s, params object[] args)
{
    Console.WriteLine(s, args);
}

static void CertList()
{
    X509Store store = new X509Store(StoreName.My,  StoreLocation.CurrentUser);
    store.Open(OpenFlags.ReadOnly);
    foreach (X509Certificate2 certificate in store.Certificates)
    {
        o("");
        o("Friendly Name: {0}", certificate.FriendlyName);
        o("Simple Name:   {0}", 
           certificate.GetNameInfo(X509NameType.SimpleName, true));
        o("Issuer:        {0}", certificate.Issuer);
        o("Expiration:    {0}", certificate.NotAfter);

        //  http://msdn.microsoft.com/en-us/library/system.security.cryptography.x509certificates.x509keyusageextension.aspx
        foreach (X509Extension extension in certificate.Extensions)
        {
            o(" {0}  ({1})", extension.Oid.FriendlyName, extension.Oid.Value);

            if (extension.Oid.Value == "2.5.29.15")
            //  if (extension.Oid.FriendlyName == "Key Usage")
            {
                X509KeyUsageExtension ext = (X509KeyUsageExtension)extension;
                o("Key usages:          {0}", ext.KeyUsages);
            }
            else if (extension.Oid.Value == "2.5.29.37")
            //  if (extension.Oid.FriendlyName == "Extended Key Usage")
            {
                X509EnhancedKeyUsageExtension ext =
                                   (X509EnhancedKeyUsageExtension)extension;
                o("Extended Key usages: {0}", ext.EnhancedKeyUsages);
            }
        }
    }
    store.Close();
}

The routine lists VBA security certificates on my system created using Microsoft Office 2010 SELFCERT.EXE. But I could not identify any special property/attribute of these certificates for filtering them,

OTHER TIPS

For me this code prints IIS Express Development Certificate

var store = new X509Store(StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadOnly);
var certificates = store.Certificates;
foreach (var certificate in certificates)
{
     Console.WriteLine(certificate.FriendlyName);
}
store.Close();
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top