即使我们的网络应用程序的用户在应用程序启动时从他们的CAC中选择了一个证书,我也需要强制他们再次选择进行验证。我可以使用VS2012开发服务器在我的本地开发机器上工作,但在部署之后不能这样做:
public X509Certificate2 selectCert()
{
X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
store.Open(OpenFlags.ReadOnly);
X509Certificate2Collection sol = store.Certificates;
X509Certificate2 sel = X509Certificate2UI.SelectFromCollection(store.Certificates, "Select Certificate", "Please select a certificate", X509SelectionFlag.SingleSelection)[0];
return sel;
}