Usage of System.Security.Cryptography.X509Certificates to display valid certificates
Published Feb 15 2019 06:17 AM 688 Views

This blog illustrates the use of the System.Security.Cryptography.X509Certificates namespace to fetch the valid certificate from the Certificate Store including both the CurrentUser and LocalMachine.


The below sample console application uses the System.Security.Cryptography.X509Certificates namespace that contains the common language runtime implementation of the Authenticode X.509 v.3 certificate.

This sample will search the concerned 'SubjectName' of the certificate in the LocalMachine unless you manually specify the StoreLocation.

Once you specify the SubjectName for the member X509FindType.FindBySubjectName the certificate store mentioned in the StoreLocation is parsed and the valid certificate is displayed on the console.

How to run the sample code:

  1. You can run the below sample from the Visual Studio by creating a console application under .Net Framework 2.0 or above.
  2. You can also run the console application from the command prompt as shown below:

In the below sample code, we are fetching the certificates with SubjectName CN =localhost and it is fetching from the LocalMachine of the Certificate store unless it is specified in the command line to the CurrentUser.

using System;

using System.Collections.Generic;

using System.Security.Cryptography.X509Certificates;


//This sample assumes you have installed the PFX file for the concerned certificate

//If the cert is installed in the CurrentUser / LocalMachine store on a Windows Server, this code will find it based on the specified SubjectName CN


namespace X509Cert_Demo


class Program


static void Main(string[ ] args)


StoreLocation location = StoreLocation.LocalMachine;

if (args.Length > 0)


if (args[0].ToString( ).ToUpper( ) == "LOCALMACHINE")


location = StoreLocation.LocalMachine;


else if (args[0].ToString( ).ToUpper( ) == "CURRENTUSER")


location = StoreLocation.CurrentUser;




List<String> certSearchResults = new List<string>( );


X509Store store = new X509Store(StoreName.My, location);



Console.WriteLine(String.Format("Searching Store: {0} using FindBySubjectName value: {1}", location, "localhost"));


X509Certificate2Collection certificates = store.Certificates.Find(X509FindType.FindBySubjectName, "localhost", true);


Console.WriteLine("Number of certificates found:" + certificates.Count);


if (certificates.Count >= 1)


Console.WriteLine("The following valid certificates were found:");

foreach (var cert in certificates)


Console.WriteLine(String.Format("{0}{1}{2}", Environment.NewLine, Environment.NewLine, cert.ToString(false)));






Console.WriteLine("No valid certificate was found.");


Console.WriteLine("Press Enter to end program...");

Console.ReadLine( );





The sample scripts are not supported under any Microsoft standard support program or service. The sample scripts are provided AS IS without warranty of any kind. Microsoft further disclaims all implied warranties including, without limitation, any implied warranties of merchantability or of fitness for a particular purpose. The entire risk arising out of the use or performance of the sample scripts and documentation remains with you. In no event shall Microsoft, its authors, or anyone else involved in the creation, production, or delivery of the scripts be liable for any damages whatsoever (including, without limitation, damages for loss of business profits, business interruption, loss of business information, or other pecuniary loss) arising out of the use of or inability to use the sample scripts or documentation, even if Microsoft has been advised of the possibility of such damages

Author: Naveen Baliga

Version history
Last update:
‎Feb 15 2019 06:17 AM
Updated by: