I have an application that uses a certificate to talk to a webservice on a server that enforces SSL.
Right now we use x509Store.Certificates.Find(X509FindType.FindBySerialNumber, certSerialNumber, true);.
This always gets us the correct one, but it causes us to maintain a per-workstation serial number of the certs we need.
Given that we have to use a certificate per workstation, is there something that makes more sense, or is the serial what everyone does? I figure the serial is used because it always works.
It really depends on what you are looking for. If you want to always uniquely identify a particular certificate and don’t mind changing it per machine then the only options are FindByThumbprint or FindBySerialNumber.
If you can control another attribute you could use it instead. For instance, FindByIssuerDistinguishedName would work if the only certificate from a particular issuer is the one you are looking for. Similarly FindByTemplateName (and several others) can be used if you have more finite control over what kind of certificate is used (i.e. you can define a unique attribute to look up).
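
An added example, not part of the original answer: a lookup by issuer distinguished name that fails closed when the match is not unique, so one configuration value can be shared across workstations. The store location, the issuer string and the class and method names are assumptions for illustration.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class ClientCertLocator
{
    // OID of the TLS client authentication extended key usage.
    const string ClientAuthOid = "1.3.6.1.5.5.7.3.2";

    // issuerDn must be the exact issuer string of your own CA (assumed value in Main).
    public static X509Certificate2 FindByIssuer(string issuerDn)
    {
        // Assumption: the certificate lives in the machine's personal store.
        var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
        store.Open(OpenFlags.ReadOnly);
        try
        {
            // validOnly: true returns only certificates that pass validation.
            var matches = store.Certificates
                .Find(X509FindType.FindByIssuerDistinguishedName, issuerDn, true)
                .Cast<X509Certificate2>()
                .Where(c => c.HasPrivateKey && AllowsClientAuth(c))
                .ToList();

            // Fail closed: this lookup is only safe while it is unambiguous.
            if (matches.Count != 1)
                throw new InvalidOperationException(
                    $"Expected exactly one client certificate from '{issuerDn}', found {matches.Count}.");
            return matches[0];
        }
        finally { store.Close(); }
    }

    // No EKU extension means unrestricted use; otherwise client auth must be listed.
    static bool AllowsClientAuth(X509Certificate2 cert)
    {
        var eku = cert.Extensions.OfType<X509EnhancedKeyUsageExtension>().FirstOrDefault();
        return eku == null ||
               eku.EnhancedKeyUsages.Cast<Oid>().Any(o => o.Value == ClientAuthOid);
    }

    static void Main()
    {
        // Placeholder issuer DN, constructed for this example.
        var cert = FindByIssuer("CN=Example Issuing CA, DC=example, DC=test");
        Console.WriteLine(cert.Thumbprint);
    }
}
```

Throwing on zero or multiple matches surfaces a renewal overlap or an unexpected extra certificate from the same issuer instead of silently presenting the wrong one.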