Solved

VB.NET How to loop through x509 certificates and determine if they are exportable

Posted on 2009-05-12
6
1,027 Views
Last Modified: 2012-06-22
Hi, I'm a pretty obvious newcomer to .net / VB. We have lots of administrative scripts that use CAPICOM to manage our EFS certificates on our corporate workstations. With Windows 7 CAPICOM is no longer supported so we need to find something else. We are trying to convert code that opens a users certificate store (CURRENT USER STORE), loops through the certificates in the collection, and gets determines if the certificate is exportable or not. To determine whether the certificate is exportable or not the CspKeyContainerInfo.Exportable Property must be accessed but I'm having trouble making the connection on how to access it as I loop through the certificates in the collection. here is the code I have so far below. Its just a form with a button, it loops through the current users certificates, showing the thumbprint for each. I would also like to know if the certificate is exportable as well. Thanks!
Imports System
Imports System.Security.Cryptography
Imports System.Security.Cryptography.X509Certificates
Imports System.Text
Imports System.IO
Public Class Form1
 
 
 
 
    Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
 
 
        'Instantiate the Store / The store name is My, location is current user store
        Dim store As New X509Store("MY", StoreLocation.CurrentUser)
        'Open the stor
        store.Open(OpenFlags.ReadWrite)
        'Use the X509CertificateCollection class to get the certificates from the my store into a collection
        Dim collection As X509Certificate2Collection = CType(store.Certificates, X509Certificate2Collection)
        'Declare x509 as the certificate object
 
        Dim x509 As New X509Certificate2
 
 
        'Loop through the certificates in the store, one by one
        '------------
        
 
        For Each x509 In collection
            
 
            'Show the thumbprint for each certificate in the users store
            MsgBox(x509.Thumbprint)
 
 
        Next x509
 
        store.Close()
 
 
 
 
    End Sub
End Class

Open in new window

0
Comment
Question by:JSunn
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
6 Comments
 

Expert Comment

by:lkalvin
ID: 24401365
I'm not a huge fan of using reserved words as variables... but hey, C# folks do it all the time, right?
But check it:
Instead of "Dim x509 as New blahblahblah"
-try this_

Delete the line that says, "Dim x509 As New X509Certificate2
and for your loop, do this:

For Each x509 as x509Certificate2 In collection
   Msgbox(x509.ThumbPrint.ToString)
Next

-OR-
LEAVE the line I said to delete... but DELETE the word, "New"... and seriously - consider changing your collection to a variable name other than... collection!  How bout, "509Collection" ?  lol just a thought!  

Good luck :)

-LK
0
 
LVL 2

Author Comment

by:JSunn
ID: 24412167
lkalvin,
I appreciate the tip, however I am trying to find a way to determine if the certificate is exportable as I loop through the collection. Any idea on that?
0
 

Expert Comment

by:lkalvin
ID: 24415870
Sorry JS - I'm not familiar at all with that object.  My comments were intended to give you some pointers on handling your collection-loop.

If there is a property you can examine, you'd do it like this:

For Each x509 as x509Certificate2 In collection
   If x509.IsExportable Then
      ' Do your export code here...
   End If
   Msgbox(x509.ThumbPrint.ToString)
Next

Or perhaps...
For Each x509 as x509Certificate2 In collection
   If x509.SomeProperty = (whatever the value is that makes this exportable) Then
      ' Do your export code here...
   End If
Next

Again - without knowing how you would determine if the object is exportable, I cannot be more specific.
I hope this helps!

-LK
0
 
LVL 2

Author Comment

by:JSunn
ID: 24604280
There doesn't seem to be anyone with an answer to my question so I'm fine with deleting it. Thanks!
0
 

Accepted Solution

by:
ee_auto earned 0 total points
ID: 24635853
Question PAQ'd, 500 points not refunded, and stored in the solution database.
0

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

As a financial services provider, your business is impacted by two of the strictest federal regulations on record: the Sarbanes-Oxley Act and the Gramm-Leach-Bliley Act. Correctly implementing faxing into your organization to provide secure, real-ti…
Healthcare providers, insurance companies and other covered entities trust eFax Corporate to transmit their most sensitive documents. eFax Corporate can help your organization implement a HIPAA compliant cloud faxing solution.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question