Home/ Questions/Q 8182651
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-07T00:55:23+00:00

Is there any way we can fetch X509 Public Cetrificates using c# from AD

  • 0

Is there any way we can fetch X509 Public Cetrificates using c# from AD Server for Encrypting an Email.
Right now I am using the local Store for Picking up the Certificates and Encrypting an Mail.

static public X509Certificate2 GetRecipientCertPublic(string recipientName)
{  
    X509Store storeAddressBook =
        new X509Store(StoreName.AddressBook, StoreLocation.CurrentUser);
    storeAddressBook.Open(OpenFlags.ReadOnly);

    X509Certificate2Collection certColl =
        storeAddressBook.Certificates.Find(X509FindType.FindBySubjectName, recipientName, false);
    storeAddressBook.Close();

    if (certColl.Count != 0)
    {

        return certColl[0];
    }
    else
    {
        return null;
    }
}

As i see the behaviour in Outlook is different. Even if the public certificate of the Recipeint is not Present in the local Machines Certificate Manager. it is able to pick up the public certificate from centeral server of the organization or the Ad Server (i am not very sure about it) and send the encrypted mail.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team
    // Where ##### is the name of your AD server
DirectoryEntry de = new DirectoryEntry("LDAP://#####");
DirectorySearcher dsearch = new DirectorySearcher(de);

//Search how you want.  Google "LDAP Filter" for more.
dsearch.Filter = "(cn=#####)"; 
SearchResultCollection rc = dsearch.FindAll();
X509Certificate stt = new X509Certificate();

foreach (SearchResult r in rc)
{
    if (r.Properties.Contains("userCertificate"))
    {
        // This is hard coded to the first element.
        // Some users may have multiples.  Use ADSI Edit to find out more.
        Byte[] b = (Byte[])r.Properties["userCertificate"][0];
        X509Certificate cert1 = new X509Certificate(b);
    }
}
    • 0