There is no built-in member of X509Store or the X509FindType enumeration that directly says "give me the certificate currently configured in IIS". IIS does not expose the SSL binding certificate via a managed API like X509Store with a special flag or find type.

But—you can retrieve the IIS certificate by reading the SSL binding from HTTP.sys, or by querying the Windows certificate store based on the IIS binding.

How IIS Stores SSL Bindings

When you bind an HTTPS port in IIS, it stores the SSL certificate information using HTTP.sys, the kernel-mode driver. The mapping is tied to:

IP address (or 0.0.0.0 for all IPs)

Port (e.g., 443)

Certificate thumbprint

Application ID