Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


VB.NET How to loop through x509 certificates and determine if they are exportable

Posted on 2009-05-12
Medium Priority
Last Modified: 2012-06-22
Hi, I'm a pretty obvious newcomer to .net / VB. We have lots of administrative scripts that use CAPICOM to manage our EFS certificates on our corporate workstations. With Windows 7 CAPICOM is no longer supported so we need to find something else. We are trying to convert code that opens a users certificate store (CURRENT USER STORE), loops through the certificates in the collection, and gets determines if the certificate is exportable or not. To determine whether the certificate is exportable or not the CspKeyContainerInfo.Exportable Property must be accessed but I'm having trouble making the connection on how to access it as I loop through the certificates in the collection. here is the code I have so far below. Its just a form with a button, it loops through the current users certificates, showing the thumbprint for each. I would also like to know if the certificate is exportable as well. Thanks!
Imports System
Imports System.Security.Cryptography
Imports System.Security.Cryptography.X509Certificates
Imports System.Text
Imports System.IO
Public Class Form1
    Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
        'Instantiate the Store / The store name is My, location is current user store
        Dim store As New X509Store("MY", StoreLocation.CurrentUser)
        'Open the stor
        'Use the X509CertificateCollection class to get the certificates from the my store into a collection
        Dim collection As X509Certificate2Collection = CType(store.Certificates, X509Certificate2Collection)
        'Declare x509 as the certificate object
        Dim x509 As New X509Certificate2
        'Loop through the certificates in the store, one by one
        For Each x509 In collection
            'Show the thumbprint for each certificate in the users store
        Next x509
    End Sub
End Class

Open in new window

Question by:JSunn
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2

Expert Comment

ID: 24401365
I'm not a huge fan of using reserved words as variables... but hey, C# folks do it all the time, right?
But check it:
Instead of "Dim x509 as New blahblahblah"
-try this_

Delete the line that says, "Dim x509 As New X509Certificate2
and for your loop, do this:

For Each x509 as x509Certificate2 In collection

LEAVE the line I said to delete... but DELETE the word, "New"... and seriously - consider changing your collection to a variable name other than... collection!  How bout, "509Collection" ?  lol just a thought!  

Good luck :)


Author Comment

ID: 24412167
I appreciate the tip, however I am trying to find a way to determine if the certificate is exportable as I loop through the collection. Any idea on that?

Expert Comment

ID: 24415870
Sorry JS - I'm not familiar at all with that object.  My comments were intended to give you some pointers on handling your collection-loop.

If there is a property you can examine, you'd do it like this:

For Each x509 as x509Certificate2 In collection
   If x509.IsExportable Then
      ' Do your export code here...
   End If

Or perhaps...
For Each x509 as x509Certificate2 In collection
   If x509.SomeProperty = (whatever the value is that makes this exportable) Then
      ' Do your export code here...
   End If

Again - without knowing how you would determine if the object is exportable, I cannot be more specific.
I hope this helps!


Author Comment

ID: 24604280
There doesn't seem to be anyone with an answer to my question so I'm fine with deleting it. Thanks!

Accepted Solution

ee_auto earned 0 total points
ID: 24635853
Question PAQ'd, 500 points not refunded, and stored in the solution database.

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Encryption for Business Encryption (https://en.wikipedia.org/wiki/Encryption) ensures the safety of our data when sending emails. In most cases, to read an encrypted email you must enter a secret key that will enable you to decrypt the email. T…
Ransomware is a growing menace to anyone using a computer or mobile device. Here are answers to some common questions about this vicious new form of malware.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question