Menu
I'm having a problem when I use the method X509Store.Certificates.Find
public static X509Certificate2 FromStore(StoreName storeName,
StoreLocation storeLocation, X509FindType findType, string findValue)
{
X509Store store = new X509Store(storeName, storeLocation);
store.Open(OpenFlags.ReadOnly);
try
{
//findValue = "7a6fa503ab57b81d6318a51ca265e739a51ce660"
var results = store.Certificates.Find(findType, findValue, true);
return results[0];
}
finally
{
store.Close();
}
}
In this case the Find Method returns 0 results (results.Count == 0), but if I put the findValue as constant the method find the certificate.
public static X509Certificate2 FromStore(StoreName storeName,
StoreLocation storeLocation, X509FindType findType, string findValue)
{
X509Store store = new X509Store(storeName, storeLocation);
store.Open(OpenFlags.ReadOnly);
try
{
//findValue= "7a6fa503ab57b81d6318a51ca265e739a51ce660"
var results = store.Certificates.Find(findType,
"7a6fa503ab57b81d6318a51ca265e739a51ce660", true);
return results[0];
}
finally
{
store.Close();
}
}
799
I suppose that you have copy-pasted the thumbprint from the Windows certificate information dialog box into your code (or to a config file if this is a simplified example). Annoyingly, the first character in the thumbprint textbox is the invisible Unicode "left-to-right-mark" control character. Try selecting the opening string quote and the first character of the thumbprint, deleting them (which will also get rid of the invisible character in-between), and retyping them by hand.
I was subjected to this odd behaviour myself today, and it took me over an hour to figure it out. The way I finally saw it was by using the debugger to check the lengths and hash codes of findValue and of the Thumbprint of the certificate object, which turned out to be different. This led me to inspect the character arrays of those strings in the debugger, where the invisible character showed up.
185
I took some of the answers here and combined them into a static method that takes care of removing special characters and upper cases everything. Hopefully someone else can use it.
public static X509Certificate2 GetCertificate(string thumbprint)
{
// strip any non-hexadecimal values and make uppercase
thumbprint = Regex.Replace(thumbprint, @"[^\da-fA-F]", string.Empty).ToUpper();
var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
try
{
store.Open(OpenFlags.ReadOnly);
var certCollection = store.Certificates;
var signingCert = certCollection.Find(X509FindType.FindByThumbprint, thumbprint, false);
if (signingCert.Count == 0)
{
throw new FileNotFoundException(string.Format("Cert with thumbprint: '{0}' not found in local machine cert store.", thumbprint));
}
return signingCert[0];
}
finally
{
store.Close();
}
}
I had the same Problem and solved it:
I copied the Fingerprint from mmc directly to VS. I compared the strings and didn't find any difference.
Checking the length with hash.length, there was a difference, 41 vs. 40.
There is an invisible Char added to the string by copying it out of mmc.
Solving:
It's working.
22
I fell victim to this. Not only was there a Unicode "left-to-right" character in the Windows console snap-in display of the thumbprint, but it also had lowercase hex characters, with spaces between every two characters. The output of CertUtil also had lowercase characters, and spaces. To get a match, I had to specify the findValue as a string which has been transformed to
36
This tripped me up too, I wrote this function to clean the thumbprint when copied and pasted from MMC:
public string CleanThumbprint(string mmcThumbprint)
{
//replace spaces, non word chars and convert to uppercase
return Regex.Replace(mmcThumbprint, @"\s|\W", "").ToUpper();
}
...
var myThumbprint = CleanThumbprint("b3 ab 84 e5 1e e5 e4 75 e7 a5 3e 27 8c 87 9d 2f 05 02 27 56");
var myCertificate = certificates.Find(X509FindType.FindByThumbprint, myThumbprint, true)[0];
This code should work.
I suppose you have copied this thumbprint from the certificate management console. And that copied value contains unicode non-readable symbol which is invisible in Visual Studio. Try to delete the first invisible symbol and if this is what I think of, this should work.
44
I ran into this same thing. I couldn't find this answer anywhere in here so I'll post it. It seems for me the X509Store find function just was flat not working. I verified this by a simple for loop and retrieving the cert manually.
X509Store store = new X509Store(StoreName.Root,StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadOnly);
X509Certificate cert = new X509Certificate();
for (int i = 0; i < store.Certificates.Count; i++)
{
if (store.Certificates[i].SerialNumber == "XXXX")
{
cert = store.Certificates[i];
}
}
Replace the code to find your certificate in the store as below:
var results = store.Certificates.Find(findType, findValue, true);
Also the 3rd param which is bool return certificates only if the certificate is valid. So make sure that your certificate is valid. If you have a self signed certificate or so then just pass the 3rd param to be "false"
21
Here is the simple version of code for the above suggestions- ofcourse which is worked for me
private X509Certificate2 GetCertificate()
{
var certStore = new X509Store("my");
certStore.Open(OpenFlags.ReadOnly);
try
{
const string thumbprint = "18 33 fe 3a 67 d1 9e 0d f6 1e e5 d5 58 aa 8a 97 8c c4 d8 c3";
var certCollection = certStore.Certificates.Find(X509FindType.FindByThumbprint,
Regex.Replace(thumbprint, @"\s+", "").ToUpper(), false);
if (certCollection.Count > 0)
return certCollection[0];
}
finally
{
certStore.Close();
}
return null;
}
I encounter this invisible Unicode char as well. Trying using Notepad (Windows 10) somehow didn't work well for me either. Finally, I use PowerShell to get the clean thumbprint hex:
PS C:\> $tp= (Get-ChildItem -Path Cert:\LocalMachine\My | Where-Object {$_.Subject -match "mycert"}).Thumbprint;
PS C:\> $tp
SO much for Unicode char.
45
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
