First at all, I want to mention that this is my first article, so I will ask everybody to be patient and forgiving :) This article describes how to get information about digital certificates stored on your local machine; to be more specific, it looks into your System provider. It also shows how to search a certificate by name, and retrieve the certificate hash. For more info about .NET cryptography, read this article.
There has been a lot of articles published about cryptography classes in .NET, so I will not go into details on that, but instead I suggest you to read article that I mentioned above. In this article, I will show you how to access your digital certificate information and use it; particularly, I will give you an example of how to retrieve information from the "CurrentUser" and "LocalMachine" Store Locations. If you need to search for a certificate by name or if you are planning to get the certificate hash, this article is for you. Recently, I had to write some code that had to find a certificate based on the name of the certificate or the certificate key. After that, I had to encrypt some data using that certificate's private key. While it sounds easy, when you try to code this, you will notice that you can't really see the hash value because it's encoded. Therefore, I had to get the certificate and then convert that to a string first.
In the heart of this project, I have a function
getCertFromStore that will retrieve all certificates from the store based on the requested certificate info. It has an optional parameter
Name that will search for certificates with that name.
Public Function getCertFromStore(ByVal pCert_info As X509_Certificate_info, _
ByRef psError_Msg As String, _
Optional ByVal Name As String = "") _
Dim certLocation As X509CertificateStore.StoreLocation
If pCert_info.Certficate_Location = "LocalMachine" Then
certLocation = X509CertificateStore.StoreLocation.LocalMachine
ElseIf pCert_info.Certficate_Location = "CurrentUser" Then
certLocation = X509CertificateStore.StoreLocation.CurrentUser
psError_Msg = "Error Setting Location"
Dim certProvider As X509CertificateStore.StoreProvider
If pCert_info.Provider = "System" Then
certProvider = X509CertificateStore.StoreProvider.System
psError_Msg = "Retrieving certificate data: " & _
"StoreProvider is not SYSTEM Store "
Dim certStore As X509CertificateStore
If pCert_info.Store_Name.ToUpper = "MY" Then
certStore = New X509CertificateStore(certProvider, _
ElseIf pCert_info.Store_Name.ToUpper = "ROOT" Then
certStore = _
psError_Msg = "Unknown Store"
Dim boolOpen As Boolean = certStore.OpenRead()
Catch ex As Exception
psError_Msg = "Can not open certificate store for Provider:" & _
certProvider & " Location:" & _
certLocation & " Store Name:" & _
Dim cersCollection As X509CertificateCollection
If Name <> "" Then
cersCollection = certStore.FindCertificateBySubjectString(Name)
cersCollection = certStore.Certificates
After getting all the certificates from the store, we can get all the information about individual certificates, as needed.
txtHash.Text = System.Convert.ToBase64String(certMy.GetKeyIdentifier)
I also do a check to make sure I have the private key if I need to use the
rsaCSP = CType(certMy.Key, RSACryptoServiceProvider)
MsgBox("You have access to private keys on this certificate", _
Catch ex As Exception
MsgBox("Error Getting RSACryptoServiceProvider" & _
Even though this code is not really complicated, it becomes handy when you need to use certificate hashes since you will not be able to use that from the Certificate console. Please note that
certMy has a lot of properties that you can use.
Check my freelancing site for more info.