The findValue parameter for the X509Certificate2Collection.Find(X509FindType, object, bool) method must be a string representing either the friendly name or the object identifier (OID, or System.Security.Cryptography.Oid) of the certificate policy. The best practice is to use the OID, such as "1.3.6.1.4.1.311.10.3.4". For an application that will be localized, the OID must be used, because the friendly name is localized.