Programmatically checking the Authenticode signature on a file

While I was at MEDC 2006, someone asked me if there was a way to find out programatically what certificate a file is signed with. The answer is yes, and it is really easy using the cryptography libraries on the .Net Framework. (This is desktop code).

Don't forget to add a reference to the cryptography libraries and then the following using statements to your file:

using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

The following function will return you an X509Certificate object that you can later use to get additional information, like the certificate issuer. For more information on the X509Certificate class, take a look at .

/// <summary>
/// Gets the certificate the file is signed with.
/// </summary>
/// <param name="filename">The path of the signed file from which to
/// create the X.509 certificate. </param>
/// <returns>The certificate the file is signed with</returns>
public X509Certificate GetAppCertificate(string filename)
X509Certificate cert = null;
cert = X509Certificate.CreateFromSignedFile(filename);
    catch (CryptographicException e)
        Console.WriteLine("Error {0} : {1}", e.GetType(), e.Message);
        Console.WriteLine("Couldn't parse the certificate." +
"Be sure it is a X.509 certificate");
    return cert;


Luis E. Cabrera
Windows Mobile Team.
This posting is "AS IS" and confers no rights or privileges.