onefootswill
Reputation: 4077
Is It Possible to Retrieve a CA Certificate from CertificateAuthority Store
I'm working through the .NET API for working with X509 certificates and would like to know if it is possible to retrieve a CA Certificate from CertificateAuthority Store. I have tried loads of permutations and the one that makes the most sense (but also fails) is:
var store = new X509Store(StoreName.CertificateAuthority, StoreLocation.CurrentUser);
store.Open(OpenFlags.ReadOnly);
var count = store.Certificates.Find(X509FindType.FindBySubjectDistinguishedName, "CN=SecureTrust CA", false).Count;
store.Close();
That returns a count of 0.
Upvotes: 0
Views: 428
Answers (1)
Damien_The_Unbeliever
Reputation: 239664
As indicated in the comments, you need to use Root rather than CertificateAuthority. Also, if you're using FindBySubjectDistinguishedName, you have to use the full DN.
This works:
var store = new X509Store(StoreName.Root, StoreLocation.CurrentUser);
store.Open(OpenFlags.ReadOnly);
var count = store.Certificates.Find(X509FindType.FindBySubjectDistinguishedName,
"CN=SecureTrust CA, O=SecureTrust Corporation, C=US", false).Count;
store.Close();
Or use the less strict FindBySubjectName:
var store = new X509Store(StoreName.Root, StoreLocation.CurrentUser);
store.Open(OpenFlags.ReadOnly);
var count = store.Certificates.Find(X509FindType.FindBySubjectName,
"SecureTrust CA", false).Count;
store.Close();
Upvotes: 1
Related Questions
- All possible array initialization syntaxes
- Get int value from enum in C#
- curl: (60) SSL certificate problem: unable to get local issuer certificate
- Why not inherit from List<T>?
- Call one constructor from another
- How do I update the GUI from another thread?
- Generate and Sign Certificate Request using pure .net Framework
- Reading from a remote certificate store with .Net
- CMS signing in .NET with certificate chain not in local trusted certificate store