I have a smart card reader. When I attempt to visit a website that accepts client certificates, the browser gives me a list of 2 or 3 client certificates.
All of these certificate options are closely related to cards that have been used from my machine.
When I try to access these options via the X509Store class in .NET, I get back 256 options. That is too many for the user to sort through!
X509Store store = new X509Store("MY", StoreLocation.CurrentUser);
store.Open(OpenFlags.OpenExistingOnly | OpenFlags.ReadWrite);
First of all: open certificate store as read-only:
Next, you have to filter by application policy = client authentication:
var certs = store.Certificates.Find(X509FindType.FindByApplicationPolicy, "1.3.6.1.5.5.7.3.2", true);
The certs variable will store only valid certificates (trusted, non-revoked, time-valid, etc.) that are suitable for client authentication.
When done, close the store:
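The steps above (read-only open, filter by client authentication, close) put together as an added example, not code from the original answer. The class and method names are hypothetical, and the private-key and explicit-EKU checks are additions that narrow the list further.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class ClientCertPicker   // hypothetical name, not from the original post
{
    const string ClientAuthOid = "1.3.6.1.5.5.7.3.2";   // id-kp-clientAuth

    // FindByApplicationPolicy also matches certificates that carry no EKU extension
    // (they count as valid for every usage), so check for the OID explicitly.
    static bool HasExplicitClientAuthEku(X509Certificate2 cert)
    {
        foreach (X509Extension ext in cert.Extensions)
        {
            var eku = ext as X509EnhancedKeyUsageExtension;
            if (eku == null) continue;
            foreach (Oid oid in eku.EnhancedKeyUsages)
                if (oid.Value == ClientAuthOid) return true;
        }
        return false;
    }

    public static X509Certificate2Collection GetClientAuthCertificates()
    {
        var store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
        try
        {
            // Listing certificates needs no write access to the store.
            store.Open(OpenFlags.OpenExistingOnly | OpenFlags.ReadOnly);
            // validOnly = true drops untrusted, expired and revoked certificates.
            X509Certificate2Collection found = store.Certificates.Find(
                X509FindType.FindByApplicationPolicy, ClientAuthOid, true);
            var usable = new X509Certificate2Collection();
            foreach (X509Certificate2 cert in found)
                // Without a private key the certificate cannot sign a TLS handshake.
                if (cert.HasPrivateKey && HasExplicitClientAuthEku(cert))
                    usable.Add(cert);
            return usable;
        }
        finally { store.Close(); }   // release the store handle even on failure
    }

    static void Main()
    {
        foreach (X509Certificate2 cert in GetClientAuthCertificates())
            Console.WriteLine("{0}  expires {1:yyyy-MM-dd}  {2}",
                cert.Thumbprint, cert.NotAfter, cert.Subject);
    }
}
```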