Events
Mar 17, 9 PM - Mar 21, 10 AM
Join the meetup series to build scalable AI solutions based on real-world use cases with fellow developers and experts.
Register nowHow to: Retrieve the Thumbprint of a Certificate
When writing a Windows Communication Foundation (WCF) application that uses an X.509 certificate for authentication, it is often necessary to specify claims found in the certificate. For example, you must supply a thumbprint claim when using the FindByThumbprint enumeration in the SetCertificate method. Finding the claim value requires two steps. First, open the Microsoft Management Console (MMC) snap-in for certificates. (See How to: View Certificates with the MMC Snap-in.) Second, as described here, find an appropriate certificate and copy its thumbprint (or other claim values).
If you are using a certificate for service authentication, it is important to note the value of the Issued To column (the first column in the console). When using Secure Sockets Layer (SSL) as a transport security, one of the first checks done is to compare the base address Uniform Resource Identifier (URI) of a service to the Issued To value. The values must match or the authentication process is halted.
You can also use the PowerShell New-SelfSignedCertificate cmdlet to create temporary certificates for use only during development. By default, however, such a certificate is not issued by a certification authority and is unusable for production purposes. For more information, see How to: Create Temporary Certificates for Use During Development.
Open the Microsoft Management Console (MMC) snap-in for certificates. (See How to: View Certificates with the MMC Snap-in.)
In the Console Root window's left pane, click Certificates (Local Computer).
Click the Personal folder to expand it.
Click the Certificates folder to expand it.
In the list of certificates, note the Intended Purposes heading. Find a certificate that lists Client Authentication as an intended purpose.
Double-click the certificate.
In the Certificate dialog box, click the Details tab.
Scroll through the list of fields and click Thumbprint.
Copy the hexadecimal characters from the box. If this thumbprint is used in code for the
X509FindType, remove the spaces between the hexadecimal numbers. For example, the thumbprint "a9 09 50 2d d8 2a e4 14 33 e6 f8 38 86 b0 0d 42 77 a3 2a 7b" should be specified as "a909502dd82ae41433e6f83886b00d4277a32a7b" in code.
Additional resources
Training
Module
Implement and manage Active Directory Certificate Services - Training
Implement and manage Active Directory Certificate Services
Certification
Microsoft Certified: Azure Fundamentals - Certifications
Demonstrate foundational knowledge of cloud concepts, core Azure services, plus Azure management and governance features and tools.
Documentation
-
How to: View certificates with the MMC snap-in - WCF
A secure WCF client or service can use a certificate as a credential. Learn about the types of certificate stores you can examine by using the MMC plug-in.
-
How to: Create Temporary Certificates for Use During Development - WCF
Learn how to use a PowerShell cmdlet to create two temporary X.509 certificates for use in developing a secure WCF service or client.
-
Install imported certificates - Windows Server
Describes how to import a Web site certificate into the certificate store of the local computer and assign the certificate to the Web site.