Defines the sources from which to retrieve an X.509 certificate.
The CertificateSourceFlags enumeration is used with the X509Chain.Build(X509Certificate2) method to specify how to search for a certificate.
When you build an X.509 chain, the system needs to locate trusted root
certificates and intermediate certificates. The certificate stores on a
computer contain these certificates. The CertificateSourceFlags enumeration allows you to control which of these stores are searched.
```csharp
public enum CertificateSourceFlags
```
| Member | Description | Value |
|---|---|---|
| None | No certificates are retrieved. | 0 |
| MachineStore | Certificates are retrieved from the machine's certificate store. | 1 |
| UserStore | Certificates are retrieved from the current user's certificate store. | 2 |
| ExportStore | Certificates are retrieved from an export store (e.g., a PFX file). | 4 |
| AllStores | All available certificate stores are searched. This is equivalent to `MachineStore \| UserStore \| ExportStore`. | 7 |
The following C# code example demonstrates how to build an X.509 certificate chain using certificates from both the machine store and the user store.
```csharp
using System;
using System.Security.Cryptography.X509Certificates;

public class CertificateExample
{
    public static void Main(string[] args)
    {
        // Placeholder: assume the certificate to validate (for example, a
        // server certificate) is obtained elsewhere. Replace with an actual
        // certificate if testing.
        X509Certificate2 clientCertificate = null;
        if (clientCertificate == null)
        {
            // Build rejects a null certificate, so stop here instead of
            // relying on the exception handler below.
            Console.WriteLine("No certificate supplied; nothing to validate.");
            return;
        }

        // Dispose the chain when done to release its native resources.
        using (X509Chain chain = new X509Chain())
        {
            // Specify that the chain should be built using certificates from
            // the machine store and the user store.
            chain.ChainPolicy.ExtraStoreFlags =
                CertificateSourceFlags.MachineStore | CertificateSourceFlags.UserStore;

            try
            {
                // This is just a conceptual example of building the chain.
                bool success = chain.Build(clientCertificate);
                if (success)
                {
                    Console.WriteLine("Certificate chain built successfully.");
                    // Further processing of the chain
                }
                else
                {
                    Console.WriteLine("Certificate chain build failed.");
                    // Report each reason the chain failed validation.
                    foreach (X509ChainStatus status in chain.ChainStatus)
                    {
                        Console.WriteLine($"Status: {status.StatusInformation}");
                    }
                }
            }
            catch (Exception ex)
            {
                Console.WriteLine($"An error occurred: {ex.Message}");
            }
        }
    }
}
```