Documentation for this section has not yet been entered.
An application can add a certificate to a collection, but might not have access rights to it. To use a certificate contained in the collection, the application must have the same access rights as the entity that issued the certificate.
The Framework caches SSL sessions as they are created and attempts to reuse a cached session for a new request, if possible. When attempting to reuse an SSL session, the Framework uses the first element of HttpWebRequest.ClientCertificates (if there is one), or tries to reuse an anonymous sessions if HttpWebRequest.ClientCertificates is empty.
For performance reasons, you shouldn't add a client certificate to a System.Net.HttpWebRequest unless you know the server will ask for it.
For a code example illustrating how to enumerate the certificates in the client certificate store, see the System.Security.Cryptography.X509Certificates.X509Certificate2Collection class.