How to access certificates in the "Local Computer\Personal" store?

Fredrik Orderud (GE) 21 Reputation points

I'm struggling to figure out how to access certificates in the "Local Computer\Personal" store when using CertificateStores::FindAllAsync(CertificateQuery) and similar UWP APIs.

I've already tried to specify StoreName in the CertificateQuery argument. This works nicely for accessing certificates in e.g. the "Current User\Personal" store. However, there doesn't seem to any way to also specify StoreLocation as in the .Net X509Store(StoreName, StoreLocation) constructor.

Universal Windows Platform (UWP)
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Junjie Zhu - MSFT 16,551 Reputation points Microsoft Vendor

    Hello @Fredrik Orderud (GE) ,
    Welcome to Microsoft Q&A!

    Currently, CertificateStores searches for the current user's certificate by default. To use this API, you also need to define Capabilities sharedUserCertificates. It is currently impossible to find the certificate of the local computer.

    The sharedUserCertificates capability enables an app to add and access software and hardware-based certificates in the Shared User store, such as certificates stored on a smart card. This capability is typically used for financial or enterprise apps that require a smart card for authentication.

    I'd suggest you submit a feature request about this feature in the Feedback Hub.
    You could find the Feedback Hub in the Start Menu.
    Please select Developer Platform->API Feedback as the category when you submit your request.
    The related team will check the request.

    Thank you.

    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

  2. Fredrik Orderud (GE) 21 Reputation points

    I can already work around the limitation by either calling the underlying Win32 API or use .Net, so it's more of a long-term enhancement request from my side.

    0 comments No comments