The findValue parameter for the X509Certificate2Collection.Find(X509FindType, object, bool) method must be a string representing either the application policy friendly name or the object identifier (OID, or System.Security.Cryptography.Oid) of the certificate. For example, "Encrypting File System" or "1.3.6.1.4.1.311.10.3.4" can be used. For an application that will be localized, the OID value must be used, because the friendly name is localized.

The findValue parameter for the X509Certificate2Collection.Find(X509FindType, object, bool) method must be a string representing either the friendly name or the object identifier (OID, or System.Security.Cryptography.Oid) of the certificate policy. The best practice is to use the OID, such as "1.3.6.1.4.1.311.10.3.4". For an application that will be localized, the OID must be used, because the friendly name is localized.

The findValue parameter for the X509Certificate2Collection.Find(X509FindType, object, bool) method must be a string describing the extension to find. The object identifier (OID) is most commonly used to direct the X509Certificate2Collection.Find(X509FindType, object, bool) method to search for all certificates that have an extension matching that OID value.

The findValue parameter for the X509Certificate2Collection.Find(X509FindType, object, bool) method must be a string representing the issuer distinguished name of the certificate. This is a more specific search than that provided by the X509FindType.FindByIssuerName enumeration value. Using the X509FindType.FindByIssuerDistinguishedName value, the X509Certificate2Collection.Find(X509FindType, object, bool) method performs a case-insensitive string comparison for the entire distinguished name. Searching by issuer name is a less precise search.

The findValue parameter for the X509Certificate2Collection.Find(X509FindType, object, bool) method must be a string representing the issuer name of the certificate. This is a less specific search than that provided by the X509FindType.FindByIssuerDistinguishedName enumeration value. Using the X509FindType.FindByIssuerName value, the X509Certificate2Collection.Find(X509FindType, object, bool) method performs a case-insensitive string comparison using the supplied value. For example, if you pass "MyCA" to the X509Certificate2Collection.Find(X509FindType, object, bool) method, it will find all certificates with the issuer name containing that string, regardless of other issuer values.

The findValue parameter for the X509Certificate2Collection.Find(X509FindType, object, bool) method must be either a string representing the key usage or an integer representing a bit mask containing all the requested key usages. For the string value, only one key usage at a time can be specified, but the X509Certificate2Collection.Find(X509FindType, object, bool) method can be used in a cascading sequence to get the intersection of the requested usages. For example, the findValue parameter can be set to "KeyEncipherment" or an integer (0x30 indicates "KeyEncipherment" and "DataEncipherment"). Values of the System.Security.Cryptography.X509Certificates.X509KeyUsageFlags enumeration can also be used.

The findValue parameter for the X509Certificate2Collection.Find(X509FindType, object, bool) method must be a string that represents the serial number of the certificate as displayed by the certificate dialog box, but without the spaces, or as returned by the X509Certificate.GetSerialNumberString method.

The findValue parameter for the X509Certificate2Collection.Find(X509FindType, object, bool) method must be a string representing the subject distinguished name of the certificate. This is a more specific search than that provided by the X509FindType.FindBySubjectName enumeration value. Using the X509FindType.FindBySubjectDistinguishedName value, the X509Certificate2Collection.Find(X509FindType, object, bool) method performs a case-insensitive string comparison for the entire distinguished name. Searching by subject name is a less precise search.

The findValue parameter for the X509Certificate2Collection.Find(X509FindType, object, bool) method must be a string representing the subject key identifier in hexadecimal, such as "F3E815D45E83B8477B9284113C64EF208E897112", as displayed in the UI.

The findValue parameter for the X509Certificate2Collection.Find(X509FindType, object, bool) method must be a string representing the subject name of the certificate. This is a less specific search than that provided by the X509FindType.FindBySubjectDistinguishedName enumeration value. Using the X509FindType.FindBySubjectName value, the X509Certificate2Collection.Find(X509FindType, object, bool) method performs a case-insensitive string comparison using the supplied value. For example, if you pass "MyCert" to the X509Certificate2Collection.Find(X509FindType, object, bool) method, it will find all certificates with the subject name containing that string, regardless of other subject values. Searching by distinguished name is a more precise search.

The findValue parameter for the X509Certificate2Collection.Find(X509FindType, object, bool) method must be a string representing the template name of the certificate, such as "ClientAuth". A template name is an X509 version 3 extension that specifies the uses of the certificate.

The findValue parameter for the X509Certificate2Collection.Find(X509FindType, object, bool) method must be a string representing the thumbprint of the certificate.

The findValue parameter for the X509Certificate2Collection.Find(X509FindType, object, bool) method must be a DateTime value in local time. For example, you can find all the certificates that will be valid until the end of the year by eliminating the results of a X509Certificate2Collection.Find(X509FindType, object, bool) operation for X509FindType.FindByTimeExpired of the last day of the year from the results of a X509Certificate2Collection.Find(X509FindType, object, bool) operation for DateTime.Now.

The findValue parameter for the X509Certificate2Collection.Find(X509FindType, object, bool) method must be a DateTime value in local time. The value does not have to be in the future. For example, you can use X509FindType.FindByTimeNotYetValid to find certificates that became valid in the current year by taking the intersection of the results of a X509Certificate2Collection.Find(X509FindType, object, bool) operation for X509FindType.FindByTimeNotYetValid for the last day of last year with the results of a X509Certificate2Collection.Find(X509FindType, object, bool) operation for X509FindType.FindByTimeValid of DateTime.Now.

The findValue parameter for the X509Certificate2Collection.Find(X509FindType, object, bool) method must be a DateTime value in local time. You can use DateTime.Now to find all the currently valid certificates.