Access certificates in "Local Computer" store from C++/UWP

[forderud]

Associated Microsoft doc. issue: MicrosoftDocs/winrt-api#2288

The current C++ & C# samples projects are only able to utilize client certificates stored in the Current User\Personal store. This is fine for end-user authentication purposes, but not so good for machine/computer authentication.

Task: Figure out how to use client certificates stored in the Local Computer\Personal store as already done by Intune:

Associated doc:

• https://learn.microsoft.com/en-us/uwp/api/windows.security.cryptography.certificates.certificatestores.findallasync
• UWP CertificateQuery.StoreName: https://learn.microsoft.com/en-us/uwp/api/windows.security.cryptography.certificates.certificatequery.storename
• https://learn.microsoft.com/en-us/uwp/api/windows.security.cryptography.certificates.certificatestores.getstorebyname
• https://learn.microsoft.com/en-us/uwp/api/windows.security.cryptography.certificates.standardcertificatestorenames?view=winrt-22621
• https://learn.microsoft.com/en-us/windows-hardware/drivers/install/local-machine-and-current-user-certificate-stores

[forderud]

The problem might be worked around by instead storing the certificate under Local Computer\Trusted People. It can then be retrieved using X509Store(StoreName.TrustedPeople, StoreLocation.CurrentUser) in C# and query.StoreName(L"TrustedPeople") in C++.

However, I've not been able to utilize certificates stored in "Trusted People" for a mTLS handshake yet. Don't understand why it doesn't work..