Re: .net certificate store access with P/Invoke and CAPICOM

andrew
Date: 05/01/03

  • Next message: Michel Gallant \(MVP\): "Re: .net certificate store access with P/Invoke and CAPICOM" 
    Date: Thu, 1 May 2003 16:05:20 +1000

    "Michel Gallant (MVP)" <neutron@istar.ca> wrote in message
    news:utFbfiPDDHA.33376@TK2MSFTNGP10.phx.gbl...
    > Current releases of .net framework (1.0, 1.1) do not have support for
    > directly accessing cryptoAPI certificate stores although future releases
    > should have more comprehensive crypto-support.
    > The following article demonstrates how to access certificate stores using:
    > - CAPICOM 2 interop
    > - P/Invoke on the cryptoAPI libraries
    > http://pages.istar.ca/~neutron/CapiCert
    >
    > The article includes sample code showing simple searching of
    > a system cert store for a substring in the SubjectName cert. field,
    > and retrieving a certificate context handle which can be used
    > to instantiate an X509Certificate object.

    Michel,

    Are you aware of the Microsoft.Web.Services.Security.X509 namespace in
    contained in Microsofts Web Service Enhancements ? Checkout
    http://msdn.microsoft.com/webservices/building/wse/default.aspx

    You can easily enumerate a specified store and search for certificates using
    any of the following methods:
    FindCertificateByHash()
    FindCertificateByKeyIdentifier()
    FindCertificateBySubjectName()
    FindCertificateBySubjectString()

    You can easily enumerate the store by the following code:

    using Microsoft.Web.Services.Security.X509;

    X509CertificateStore store = new
    X509CertificateStore(X509CertificateStore.StoreProvider.System,
    X509CertificateStore.StoreLocation.CurrentUser, "Root");
    try {
        store.OpenRead();
        foreach (X509Certificate certificate in store.Certificates)
            MessageBox.Show(certificate.ToString(true);
    } finally {
        store.Close();
    }

    hth
    andrew

  • Next message: Michel Gallant \(MVP\): "Re: .net certificate store access with P/Invoke and CAPICOM"

    Relevant Pages

    • Re: Active Directory Federation Services
      ... that is associated with their profile and the machine itself has a store. ... Just wanted to let you know that I got the cert problem fixed. ... the user certificate store. ... FSP was looking for certs in the local ...
      (microsoft.public.windows.server.active_directory)
    • Re: Accessing certificate store from ASP.NET web project
      ... the cert must be in the local computer/personal) store - it will then open ... Have a look at the source code to open the right cert store... ... One of the locations requires a x509 certificate in order ... different user context than my vb.net web project. ...
      (microsoft.public.dotnet.security)
    • Re: Issues with SSL on Win CE 5.0
      ... the HKCU certificate store. ... and tell the web server to use it. ... The old cert was in. ...
      (microsoft.public.windowsce.embedded)
    • Re: SMS 2003 SP1 Client Install Problem or Policy Retreival Problem?
      ... > Failed to find running shell process ... >> It is possible that the crypto store has somehow been corrupted. ... >>> The MP is setup and thousands of other clients have access. ... >>> Failed to find the certificate in the store, ...
      (microsoft.public.sms.admin)
    • Re: Issues with SSL on Win CE 5.0
      ... the HKCU certificate store. ... and tell the web server to use it. ... The old cert was in. ...
      (microsoft.public.windowsce.embedded)