MDM_ClientCertificateInstall_User02_PFXCertInstall03_01 class
[Some information relates to pre-released product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.]
The MDM_ClientCertificateInstall_User02_PFXCertInstall03_01 class enables the enterprise to configure the PFX certificate related settings of client certificates.
The following syntax is simplified from Managed Object Format (MOF) code and includes all of the inherited properties.
Syntax
[dynamic, provider("DMWmiBridgeProv"), AMENDMENT]class MDM_ClientCertificateInstall_User02_PFXCertInstall03_01
{
string InstanceID;
string ParentID;
string PFXCertBlob;
string PFXCertPassword;
boolean PFXKeyExportable;
sint32 KeyLocation;
string ContainerName;
sint32 Status;
boolean IsPasswordEncrypted;
};
Members
The MDM_ClientCertificateInstall_User02_PFXCertInstall03_01 class has these types of members:
- Properties
Properties
The MDM_ClientCertificateInstall_User02_PFXCertInstall03_01 class has these properties.
ContainerName
Data type: string
Access type: Read-only
Optional. Specifies the NGC container name (if NGC KSP is chosen for this node). If this node is not specified when NGC KSP is chosen, enrollment will fail.
InstanceID
Data type: string
Access type: Read-only
Qualifiers: key
Identifies the name of the parent node. For this class, a unique ID to differentiate different certificate install requests.
IsPasswordEncrypted
Data type: boolean
Access type: Read-only
Optional. Used to specify if the PFX certificate password is encrypted with the MDM certificate by the MDM sever. The datatype for this node is bool. If the value is true, the password should be encrypted with the MDM certificate as the client will try to decrypt using that.
KeyLocation
Data type: sint32
Access type: Read-only
Required for PFX certificate installation. Indicates the KeyStorage provider to target the private key installation to.
The data type will be an integer corresponding to one of the following values:
| Value | Description |
|---|---|
| 1 | Install to TPM if present. If not present, fallback to software. |
| 2 | Install to TPM, fail if not present . |
| 3 | Install to software. |
| 4 | Install to NGC. |
ParentID
Data type: string
Access type: Read-only
Qualifiers: key
Describes the full path to the parent node. For this class, the string is "./Vendor/MSFT/ClientCertificateInstall/My/User/PFXCertInstall"
PFXCertBlob
Data type: string
Access type: Read-only
Qualifiers: Octetstring
CRYPT_DATA_BLOB structure that contains a PFX packet with the exported and encrypted certificates and keys. Add on this node will trigger the addition to the PFX certificate. This requires that all the other nodes under UniqueID that are parameters for PFX installation (Container Name, KeyLocation, CertPassword, KeyExportable) are present before this is called. This will also set the Status node to the current Status of the operation.
If Add is called on this node and a blob already exists, it will fail. If Replace is called on this node, the certificates will be overwritten.
If Add is called on this node for a new PFX, the certificate will be added. If Replace is called on this node when it does not exist, this will fail.
In other words, using Replace or Add will result in the effect of either overwriting the old certificate or adding a new certificate CRYPT_DATA_BLOB can be found in CRYPT_INTEGER_BLOB.
PFXCertPassword
Data type: string
Access type: Read-only
Password that protects the PFX blob. This is required if the PFX is password protected.
PFXKeyExportable
Data type: boolean
Access type: Read-only
Optional. Used to specify if the private key installed is exportable (and can be exported later).
Status
Data type: sint32
Access type: Read-only
Required. Returns the error code of the PFX installation from the GetLastError command called after the PfxImportCertStore.
Requirements
Minimum supported client |
Windows 10 Insider Preview |
Minimum supported server |
None supported |
Namespace |
Root\CIMv2\MDM\DMMap |
MOF |
DMWmiBridgeProv.mof |
DLL |
DMWmiBridgeProv.dll |