다음을 통해 공유


VB.NET code to find a certificate with its issuer name and display its contents – small post but helpful

This is a small blog post but I found it handy and useful to document.

I created a test certificate with name “shmisra” and kept it in the “Personal” store in the users profile as shown below.

clip_image002

I read this certificate and print its details using the code shown below.

Imports System

Imports System.Security.Cryptography

Imports System.Security.Cryptography.X509Certificates

Imports System.IO

Module Module1

Sub Main()

'Create a X509Store object.

Dim x509Store As New X509Store(StoreName.My, StoreLocation.CurrentUser)

Try

' create and open store for read-only access

            x509Store.Open(OpenFlags.ReadOnly)

' search store

Dim col As New X509Certificate2Collection

            col = x509Store.Certificates.Find(X509FindType.FindByIssuerName, "shmisra", True)

'Print to console the information contained in the certificate.

            Console.WriteLine("{0}Subject: {1}{0}", Environment.NewLine, col(0).Subject)

            Console.WriteLine("{0}Issuer: {1}{0}", Environment.NewLine, col(0).Issuer)

            Console.WriteLine("{0}Version: {1}{0}", Environment.NewLine, col(0).Version)

            Console.WriteLine("{0}Valid Date: {1}{0}", Environment.NewLine, col(0).NotBefore)

            Console.WriteLine("{0}Expiry Date: {1}{0}", Environment.NewLine, col(0).NotAfter)

            Console.WriteLine("{0}Thumbprint: {1}{0}", Environment.NewLine, col(0).Thumbprint)

            Console.WriteLine("{0}Serial Number: {1}{0}", Environment.NewLine, col(0).SerialNumber)

            Console.WriteLine("{0}Friendly Name: {1}{0}", Environment.NewLine, col(0).PublicKey.Oid.FriendlyName)

            Console.WriteLine("{0}Public Key Format: {1}{0}", Environment.NewLine, col(0).PublicKey.EncodedKeyValue.Format(True))

            Console.WriteLine("{0}Raw Data Length: {1}{0}", Environment.NewLine, col(0).RawData.Length)

            Console.WriteLine("{0}Certificate to string: {1}{0}", Environment.NewLine, col(0).ToString(True))

            Console.WriteLine("{0}Certificate to XML String: {1}{0}", Environment.NewLine, col(0).PublicKey.Key.ToXmlString(False))

Catch ex As Exception

            Console.WriteLine("An error occurred: '{0}'", ex)

Finally

            X509Store.Close()

End Try

End Sub

End Module

The X509FindType enumeration has several members so you can change the search criteria based upon your need. Say you want to search a certificate based on the serial number of the certificate. So the search code will be:

' search store

Dim col As New X509Certificate2Collection

col = x509Store.Certificates.Find(X509FindType.FindBySerialNumber, "xxxxxx", True)

‘ True is specified to allow only valid certificates to be returned from the search; otherwise specify False.

References:

· https://msdn.microsoft.com/en-us/library/system.security.cryptography.x509certificates.x509store.aspx

· https://msdn.microsoft.com/en-us/library/system.security.cryptography.x509certificates.x509findtype.aspx

· https://msdn.microsoft.com/en-us/library/system.security.cryptography.x509certificates.x509certificate2collection.find.aspx

 

-Shamik Misra

Comments

  • Anonymous
    February 19, 2015
    That's create if you already have the cert and are looking right at it. But how would you actually check some remote site... and GET its cert in the first place?