https CA根证书
用的是证书指纹来查找。
在用 collection.Find 之前 ,X509Store 一定要打开(Open),否则找到的数量(X509Certificate2Collection)为0.
--
X509Store store = new X509Store(StoreName.Root, StoreLocation.LocalMachine);//获取本地计算机受信任的根证书的储存区 store.Open(OpenFlags.MaxAllowed); //查找证书前,一定要打开 X509Certificate2Collection collection = store.Certificates;//获取储存区上的所有证书 //DigiCert Global Root CA,Thumbprint: A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436 string Thumbprint = "A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436"; //按指纹查找,系统是否内置了这个根证书 X509Certificate2Collection fcollection = collection.Find(X509FindType.FindByThumbprint, Thumbprint, false); try { if (fcollection != null) { if (fcollection.Count > 0) { DialogResult dr = MessageBox.Show("查找数量:" + fcollection.Count.ToString() + " ,是否删除?", "", MessageBoxButtons.YesNo); if (dr == DialogResult.Yes) { store.RemoveRange(fcollection); return; } } else { MessageBox.Show("查找数量:" + fcollection.Count.ToString()); } } if (fcollection != null && fcollection.Count == 0) { // MessageBox.Show("没有 DigiCert Global Root CA"); DialogResult dr = MessageBox.Show("没有 'DigiCert Global Root CA' ,是否导入?", "", MessageBoxButtons.YesNo); if (dr == DialogResult.No) return; string crtFullName = Path.Combine(Application.StartupPath, "DigiCertGlobalRootCA.crt"); if (File.Exists(crtFullName)) { X509Certificate2 x509 = new X509Certificate2(crtFullName); //安装证书,证书(本地计算机)-受信任的根证书的储存区 store.Add(x509); } } } catch (Exception ex) { MessageBox.Show(ex.Message); } finally { store.Close(); //finally关闭 }
--
