ComponentSpace

Forums



Retrieving Local Service Provider Certificate from Windows Certificate Store


Retrieving Local Service Provider Certificate from Windows Certificate...

Author
Message
bhaynes
bhaynes
New Member
New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)

Group: Forum Members
Posts: 9, Visits: 24
I have written my own CertificateManager.  I would like to store the LocalServiceProviderCertificate in the Windows Certificate Store.  However, I am having trouble retrieving the certificate.  When I call Find on the X509Store object, it returns a collection with zero items.  What is the correct method to get a X509Certificate2 object with both keys from the Windows Certificate Store so that I can provide it to the LocalServiceProviderCertificate property?

Here is the code I am using:

LocalServiceProviderCertificate = FindCertificate(StoreLocation.LocalMachine, StoreName.My, X509FindType.FindBySubjectName, "www.idp.com");

private static X509Certificate2 FindCertificate(StoreLocation location, StoreName name, X509FindType findType, string findValue)
        {
            X509Store store = new X509Store(name, location);
            try
            {
                // create and open store for read-only access
                store.Open(OpenFlags.ReadOnly);
               
                // search store
                X509Certificate2Collection col = store.Certificates.Find(findType, findValue, true);
               
                // return first certificate found
                return col[0];
            }
            // always close the store
            finally
            {
                store.Close();
            }
        }

ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
The code looks ok. I suggest writing some test code that iterates over all the certificates in the store.Certificates collection and dumps out the subject name and/or DN of each certificate. This should help determine why the Find method is failing to find the certificate.
Please note that other standard certificate manager supports certificates store on the file system as well as certificate stored in the Windows certificate store for the local machine. The SAML configuration describes how to specify a certificate in the certificate store by subject name, serial number or thumbprint.

Regards
ComponentSpace Development
bhaynes
bhaynes
New Member
New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)

Group: Forum Members
Posts: 9, Visits: 24

Thank you for the suggestion.  I found that the certificate I was looking for was in the collection, but since it was self-signed, it was not trusted and so was not being returned from Find when I was using validOnly=true.


GO


Similar Topics


Execution: 0.000. 1 query. Compression Enabled.
Login
Existing Account
Email Address:


Password:


Select a Forum....












Forums, Documentation & Knowledge Base - ComponentSpace


Search