System.FormatException: Invalid hexadecimal string format.

I’m working on a task where I wanted to find a certificate from the Local Computer store based on its Thumbprint. I ran into the below exception which you may get, if you copy the value from the Certificate MMC snap in.

System.FormatException: Invalid hexadecimal string format.        
at System.IdentityModel.SecurityUtils.DecodeHexString(String hexString)    
at System.IdentityModel.Selectors.X509CertificateStore.Find(X509FindType findType, Object findValue, Boolean validOnly)
at System.ServiceModel.Security.SecurityUtils.GetCertificateFromStoreCore(StoreName storeName, StoreLocation storeLocation, X509FindType findType, Object findValue, EndpointAddress target, Boolean throwIfMultipleOrNoMatch)
at System.ServiceModel.Security.SecurityUtils.GetCertificateFromStore(StoreName storeName, StoreLocation storeLocation, X509FindType findType, Object findValue, EndpointAddress target)
at System.ServiceModel.Configuration.X509RecipientCertificateServiceElement.ApplyConfiguration(X509CertificateRecipientServiceCredential cert)
at System.ServiceModel.Configuration.ServiceCredentialsElement.ApplyConfiguration(ServiceCredentials behavior)
at System.ServiceModel.Configuration.ServiceCredentialsElement.CreateBehavior()
at System.ServiceModel.Description.ConfigLoader.LoadBehaviors[T](ServiceModelExtensionCollectionElement`1 behaviorElement, KeyedByTypeCollection`1 behaviors, Boolean commonBehaviors)
at System.ServiceModel.Description.ConfigLoader.LoadServiceDescription(ServiceHostBase host, ServiceDescription description, ServiceElement serviceElement, Action`1 addBaseAddress, Boolean skipHost)
at System.ServiceModel.ServiceHostBase.LoadConfigurationSectionInternal(ConfigLoader configLoader, ServiceDescription description, ServiceElement serviceSection)
at System.ServiceModel.ServiceHost.ApplyConfiguration()
at System.ServiceModel.ServiceHostBase.InitializeDescription(UriSchemeKeyedCollection baseAddresses)
at System.ServiceModel.ServiceHost..ctor(Type serviceType, Uri[] baseAddresses)

When you copy the ‘Thumbprint’ and ‘Serial’ values of a certificate, an extra character gets copied. You need to remove this when pasting. Here it is in Notepad2 and the source where I copied it from:

Screenshot showing invalid byte copied from Certificate snap in

The “?” in the green square is the culprit, copy everything after that or type it manually and the value should be parsed properly.