How to find certificate by its thumbprint in C#

I am using this code to find the certificate by its thumbprint. certificate exists in certificate manager in personal certificate store but this code is not finding that certificate.

Please tell me where I'm doing wrong in it.

namespace ConsoleApplication1
{
	class Program
	{
		static void Main(string[] args)
		{
            string certThumbPrint = "‎‎fe14593dd66b2406c5269d742d04b6e1ab03adb1";
			X509Store certStore = new X509Store(StoreName.My, StoreLocation.CurrentUser);
			// Try to open the store.

			certStore.Open(OpenFlags.ReadOnly);
			// Find the certificate that matches the thumbprint.
			X509Certificate2Collection certCollection = certStore.Certificates.Find(
                X509FindType.FindByThumbprint, certThumbPrint, false);
			certStore.Close();

			// Check to see if our certificate was added to the collection. If no, 
            // throw an error, if yes, create a certificate using it.
			if (0 == certCollection.Count)
			{
				Console.WriteLine("Error: No certificate found containing thumbprint " );
			}
			Console.ReadLine();
}

Just stumbled over this question when Googling for the same issue, and found the answer here: if, like me, you obtained your "source" thumbprint from MMC by highlighting the thumbprint and copying it to the clipboard, you've almost certainly caught an invisible character at the start of the screen, so:

> string certThumbPrint = "‎‎fe14593dd66b2406c5269d742d04b6e1ab03adb1";

is actually

> string certThumbPrint = "‎‎INVISIBLECHARACTERfe14593dd66b2406c5269d742d04b6e1ab03adb1";

If you delete this invisible character (you can tell it's there when you press backspace or delete beside it and nothing seems to happen), or just retype the thumbprint by hand, your code should work fine. Now if only Visual Studio had a "show invisible characters" option ...

The string literal containing your thumbprint has a left-to-right mark at the beginning. When MMC lists the certificate properties, it precedes the thumbprint value with this character so that the hex bytes are listed left to right even in locales where the text is normally rendered right to left.

Likely, this was a shortcut someone took because it was easier to prepend a character to one of the values in the property list than write a bit of code to dynamically update the edit control's style. Perhaps it was a quick fix to a bug report during localization testing.

In the MMC, the left-to-right mark has non-zero width, which you can observe by watching the cursor move when you arrow across it and my noticing that the first row of hex bytes is shifted slightly to the right compared to the second row.

In other editors such as Visual Studio, the left-to-right mark has no width, but you can still observe it by noticing that the cursor does not move when you arrow across is. As KenD answered, deleting this character solves the problem.

Quick way to identify the invisible character: Use the keyboard to select the invisible character; then paste it into Word between some normal characters. Select it in Word; then click Insert > Symbol > More Symbols. Look in the lower left under "Unicode name".

to ensure that those LTR "\u200e" and RTL "\u200f" chars are removed from your thumbprint string do the following

thumbprint = thumbprint.Replace("\u200e", string.Empty).Replace("\u200f", string.Empty).Replace(" ",string.Empty);

the last string replace for the white space removal isnt completely necessary as it finds my certificate with or without them.

other troublesome unicode characters can be found here

UTF-8 encoding table and Unicode characters

My two cents: I copied the value in MMC and pasted it in VS with White Spaces enabled.

There was nothing in the beginning but a space in the end: "1e 52 73 0d 00 29 e6 85 7b e6 23 e2 fa c7 a5 08 ac 36 5e 57 "

Now, in web.config file I pasted the value maintaining all the spaces inside, removing the final space: "1e 52 73 0d 00 29 e6 85 7b e6 23 e2 fa c7 a5 08 ac 36 5e 57"

This works fine.

If I use "1e52730d0029e6857be623e2fac7a508ac365e57", removing the space inside as I see in other posts, doesn't work...

Hope this can help ;)

I run this powershell script to get all thumbprints and redirect the output to a text file and copy the thumbprint from there.

Get-ChildItem -path cert:\LocalMachine\My

To redirect to the output to a text file use this:

Get-ChildItem -path cert:\LocalMachine\My > thumbprints.txt

I did the following to remove the extra character, and also to remove anything else that's not valid hexadecimal (and ToUpper it):

			thumbprint = Regex.Replace(thumbprint.ToUpper(), @"[^0-9A-F]+", string.Empty);

This allowed me to copy the thumbprint straight from the cert manager dialog and paste it straight into my usage.

I was able to resolve issue by writing a console application that retrieve all certs on certificate and output the thumbprint id. I copied the console output and inserted the thumbprint exactly. No issues. Seems like copying from the MMC console causes issues even though the data looks similar. I used this site as starting point to reading all certificates.

https://msdn.microsoft.com/en-us/library/system.security.cryptography.x509certificates.x509certificate2.thumbprint(v=vs.110).aspx