How to Find Certificate by Its Thumbprint in C#

How to find certificate by its thumbprint in C#

Just stumbled over this question when Googling for the same issue, and found the answer here: if, like me, you obtained your "source" thumbprint from MMC by highlighting the thumbprint and copying it to the clipboard, you've almost certainly caught an invisible character at the start of the screen, so:

string certThumbPrint = "‎‎fe14593dd66b2406c5269d742d04b6e1ab03adb1";

is actually

string certThumbPrint = "‎‎INVISIBLECHARACTERfe14593dd66b2406c5269d742d04b6e1ab03adb1";

If you delete this invisible character (you can tell it's there when you press backspace or delete beside it and nothing seems to happen), or just retype the thumbprint by hand, your code should work fine. Now if only Visual Studio had a "show invisible characters" option ...

Find certificate by thumbprint

The following works for me:

    public async Task<X509Certificate2> GetCertificate(string certificateThumbprint)
    {
        var store = new X509Store(StoreName.Root, StoreLocation.LocalMachine);
        store.Open(OpenFlags.ReadOnly);
        var cert = store.Certificates.OfType<X509Certificate2>()
            .FirstOrDefault(x => x.Thumbprint == certificateThumbprint);
        store.Close();
        return cert;
    }

Find X509 certificate from store based on Thumbprint

Your original string might contain invisible Unicode characters. If the thumbprint string from Certificate[1].Thumbprint works fine, copy it from debug window and use that one instead.

FindByThumbprint - certificate exists but not found

You probably have a hidden character or two at the very beginning of your thumbprint. I've made this mistake many times before when copying the thumbprint from the certificate manager in MMC. Here is a link for more information on this issue.
http://support.microsoft.com/kb/2023835

how to get X509Certificate using Friendly Name rather than Thumbprint?

Built-in search can be done only against static fields, that never change for any given certificate. Friendly name is not static, it can be changed for any single certificate unlimited times. Thus, I would STRONGLY recommend to not rely on cert friendly name. EVER.

you can do manual filtering, by enumerating all certificates and checking for matching certificate, but it is very poor and fragile way.

Find Certificate by hash in Store C#

var cert = store.Certificates.Find(
                                    X509FindType.FindByThumbprint,
                                    thumbprint,
                                    true
                                  ).OfType<X509Certificate>().FirstOrDefault();

Related Topics

ASP.NET Identity Change Password

Overriding Fields or Properties in Subclasses

What Are the Differences Between the Xmlserializer and Binaryformatter

Returning a String from a C# Dll with Unmanaged Exports to Inno Setup Script

How to Compile and Run C# Program Without Using Visual Studio

Memcpy Function in C#

How to Expand a String That Contains C# Literal Expressions at Runtime

Udp Hole Punching Implementation

Run a Background Task from a Controller Action in ASP.NET Core

Extract Thumbnail for Any File in Windows

C# Marking Class Property as Dirty

How to Bind to a Dynamicresource So You Can Use a Converter or Stringformat, etc.? (Revision 4)

C# Code for Association, Aggregation, Composition

Uninstalling Program

Which Files in a Visual C# Studio Project Don't Need to Be Versioned

How to Store and Retrieve Credentials on Windows Using C#

What Task Is Best Done in a Functional Programming Style

Convert String to System.Io.Stream


Leave a reply



Submit