This... is a long road with many a winding turn... took me quite some time to get everything working correctly. You fail to specify whether your C#-app is an ASP.NET web service client or a console/winforms web service client. I'll presume it's the latter as that's remarkably easier. At either length it's easiest to use Microsoft WSE 1.0 enhancements[^] to fetch the certificate from the certificate store. By default it is presumed that your client certificate is in the personal store of the current user (e.g. the one that is executing the application). If this is ASP.NET then as the user doesn't have a login profile the user doesn't have a personal store folder either and you need to carefully import the certificate to the personal store of the local machine. The following code will get the private certificate from the depths of the certificate store: byte[] certhash = { 50, 49, 239, 183, 249, 60, 36, 134, 129, 159, 39, 226, 197, 70, 76, 1, 147, 237, 43, 217 }; X509CertificateStore store = X509CertificateStore.CurrentUserStore(X509CertificateStore.MyStore); store.Open(); X509CertificateCollection certs = store.FindCertificateByHash(certhash); store.Close(); X509Certificate cert = certs[0]; There are other ways to find a certificate than by using its hash value, but you can refer to the WSE 1.0 documentation for these. Now, to add the certificate to the service call let's presume your web service object is Service1 then you add it fairly simply using: Service1.ClientCertificates.Add(cert); It doesn't seem so daunting when you look at it like this, but it can take a lot of time to figure out given the.... usefulness.... of most code examples around. I think that's all it takes, good luck fighting the certificate mmc snap-in. :) Hope this helps. -- Henrik Stuart (http://www.unprompted.com/hstuart/[^])