How to: Retrieve the Thumbprint of a Certificate
When writing a Windows Communication Foundation (WCF) application that
uses an X.509 certificate for authentication, it is often necessary
to specify claims found in the certificate. For example, you must
supply a thumbprint claim when using the FindByThumbprint enumeration
in the SetCertificate method. Finding the claim value requires two steps.
First, open the Microsoft Management Console (MMC) snap-in for certificates.
(See How to: View Certificates with the MMC Snap-in.) Second, as described
here, find an appropriate certificate and copy its thumbprint (or other claim
If you are using a certificate for service authentication,
it is important to note the value of the Issued To column
(the first column in the console). When using Secure Sockets Layer (SSL)
as a transport security, one of the first checks done is to compare the
base address Uniform Resource Identifier (URI) of a service to the Issued
To value. The values must match or the authentication process is halted.
You can also use the Makecert.exe tool from the .NET Framework SDK to create
temporary certificates for use only during development. By default, however,
such a certificate is not issued by a certificate authority, and is unusable
for production purposes. For more information, see How to: Create Temporary
Certificates for Use During Development.
To retrieve a certificate's thumbprint
Open the Microsoft Management Console (MMC) snap-in for certificates.
(See How to: View Certificates with the MMC Snap-in.)
In the Console Root window's left pane, click Certificates (Local Computer).
Click the Personal folder to expand it.
Click the Certificates folder to expand it.
In the list of certificates, note the Intended Purposes heading. Find a
certificate that lists Client Authentication as an intended purpose.
Double-click the certificate.
In the Certificate dialog box, click the Details tab.
Scroll through the list of fields and click Thumbprint.
Copy the hexadecimal characters from the box. If this thumbprint is used in
code for the X509FindType, remove the spaces between the hexadecimal numbers.
For example, the thumbprint "a9 09 50 2d d8 2a e4 14 33 e6 f8 38 86 b0 0d 42 77
a3 2a 7b" should be specified as "a909502dd82ae41433e6f83886b00d4277a32a7b" in