none
InvalidOperationException: Found multiple X.509 certificates

    Question

  • I am trying to use X.509 certificates in my InfoCard app.

    On the host, my configuration reads as below: 

    <certificateReference findValue="Fabrikam"
                  storeLocation="CurrentUser"
                 storeName="TrustedPeople"
                  x509FindType="FindBySubjectName" />

    On the client, my configuration reads as below: 

    <certificateReference
           findValue="Fabrikam"
           storeLocation="CurrentUser"
           storeName="My"
           x509FindType="FindBySubjectName" />

    When executing the service, my host throws an InvalidOperationException saying

    "Found multiple X.509 certificates using search criteria StoreName 'TrustedPeople', StoreLocation 'CurrentUser', FindType 'FindBySubjectName', FindValue 'Fabrikam'.  Try providing a more specific find value."

    However, I checked the certificate store, which shows only only certificate each in the above specified locations. Can anybody help me out in figuring out what could be wrong.

    Thanks,

    Mahalax

    Thursday, March 02, 2006 6:19 AM

Answers

  •  I am thinking some certificate with same subject name might be hiding some where on the store (Thinking wcf doing its job)

    //copy following program to console app and see how many certifactes it is able to find it out,search in both localmachine and currentuser store.

     

    using System;

    using System.Security.Cryptography;

    using System.Security.Permissions;

    using System.IO;

    using System.Security.Cryptography.X509Certificates;

    class CertSelect

    {

    static void Main()

    {

    try

    {

    X509Store store = new X509Store(StoreLocation.CurrentUser);

    store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);

    X509Certificate2Collection collection = (X509Certificate2Collection)store.Certificates;

    X509Certificate2Collection fcollection = (X509Certificate2Collection)collection.Find(X509FindType.FindBySubjectName, "Fabrikam", false);

    Console.WriteLine("Number of certificates: {0}{1}", fcollection.Count, Environment.NewLine);

    foreach (X509Certificate2 x509 in fcollection)

    {

    byte[] rawdata = x509.RawData;

    Console.WriteLine("Friendly Name: {0}{1}", x509.FriendlyName, Environment.NewLine);

    Console.WriteLine("Simple Name: {0}{1}", x509.GetNameInfo(X509NameType.SimpleName, true), Environment.NewLine);

    }

    store.Close();

    }

    catch (CryptographicException)

    {

    Console.WriteLine("Information could not be written out for this certificate.");

    }

    }

    }

    -Thank you

    Madhu

    Friday, March 03, 2006 1:02 AM

All replies

  •  I am thinking some certificate with same subject name might be hiding some where on the store (Thinking wcf doing its job)

    //copy following program to console app and see how many certifactes it is able to find it out,search in both localmachine and currentuser store.

     

    using System;

    using System.Security.Cryptography;

    using System.Security.Permissions;

    using System.IO;

    using System.Security.Cryptography.X509Certificates;

    class CertSelect

    {

    static void Main()

    {

    try

    {

    X509Store store = new X509Store(StoreLocation.CurrentUser);

    store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);

    X509Certificate2Collection collection = (X509Certificate2Collection)store.Certificates;

    X509Certificate2Collection fcollection = (X509Certificate2Collection)collection.Find(X509FindType.FindBySubjectName, "Fabrikam", false);

    Console.WriteLine("Number of certificates: {0}{1}", fcollection.Count, Environment.NewLine);

    foreach (X509Certificate2 x509 in fcollection)

    {

    byte[] rawdata = x509.RawData;

    Console.WriteLine("Friendly Name: {0}{1}", x509.FriendlyName, Environment.NewLine);

    Console.WriteLine("Simple Name: {0}{1}", x509.GetNameInfo(X509NameType.SimpleName, true), Environment.NewLine);

    }

    store.Close();

    }

    catch (CryptographicException)

    {

    Console.WriteLine("Information could not be written out for this certificate.");

    }

    }

    }

    -Thank you

    Madhu

    Friday, March 03, 2006 1:02 AM
  • Thanks a lot Madhu. Yes, I actually found another certificate with the subject starting with the specified value.

    Wednesday, March 15, 2006 3:17 AM
  • Hi ,

    I executed the below command twice

    makecert.exe -sr LocalMachine -ss My -n CN=localhost -sky exchange -sk -pe localhost.cer

     So i have 2 certifactes with the same name and i am getting the same error

    Found multiple X.509 certificates using search criteria StoreName 'TrustedPeople', StoreLocation 'CurrentUser', FindType 'FindBySubjectName', FindValue 'Fabrikam'.  Try providing a more specific find value."

    Is there any way to remove 1 certifacte? 

    Anand

     

    Thursday, April 29, 2010 6:14 AM