CertificateEnrollmentManager CertificateEnrollmentManager CertificateEnrollmentManager CertificateEnrollmentManager Class

Represents a certificate enrollment manager.

Syntax

Declaration

public static class CertificateEnrollmentManagerpublic static class CertificateEnrollmentManagerPublic Static Class CertificateEnrollmentManagerpublic static class CertificateEnrollmentManager

Remarks

Call the CreateRequestAsync(CertificateRequestProperties) method to create an instance of the CertificateEnrollmentManager object.

This class contains only static properties. You do not have to create an instance of the class to retrieve the properties. Instead, use the class name followed by the dot operator (.), followed by the property name.

Examples

[!code-csharpShowCertEnrollMgr]

Properties summary

Gets the associated UserCertificateEnrollmentManager.

Methods summary

Asynchronously creates a PKCS #10 certificate request based on properties specified in a CertificateRequestProperties object.

Asynchronously imports a certificate from a Personal Information Exchange (PFX) message.

Asynchronously imports a certificate from a Personal Information Exchange (PFX) message using the specified key storage provider.

Asynchronously imports a certificate from a Personal Information Exchange (PFX) message using import parameters.

Asynchronously Installs a certificate chain into the app container on the local computer.

Properties

Methods

  • CreateRequestAsync(CertificateRequestProperties)
    CreateRequestAsync(CertificateRequestProperties)
    CreateRequestAsync(CertificateRequestProperties)
    CreateRequestAsync(CertificateRequestProperties)

    Asynchronously creates a PKCS #10 certificate request based on properties specified in a CertificateRequestProperties object.

    public static IAsyncOperation<string> CreateRequestAsync(CertificateRequestProperties request)public static IAsyncOperation<string> CreateRequestAsync(CertificateRequestProperties request)Public Static Function CreateRequestAsync(request As CertificateRequestProperties) As IAsyncOperation( Of string )public static IAsyncOperation<string> CreateRequestAsync(CertificateRequestProperties request)

    Parameters

    Returns

    • This method returns a string that contains the base64 encoded PKCS #10 certificate request.

    Remarks

    Certificate enrollment can be performed in an app container. We recommend that you use the following request objects to submit the request:

    PropertyDefault value
    Subject Empty string
    KeyAlgorithmName RSA
    KeySize 2048 bits
    FriendlyName Empty String
    HashAlgorithmName SHA256
    Exportable Not Exportable
    KeyUsages Signing
    KeyProtectionLevel NoConsent
    KeyStorageProviderName Microsoft Software Key Storage Provider

    While the CreateRequestAsync(CertificateRequestProperties) method creates the certificate request, you will need to submit the request to an http enrollment end point. You can then take the response from the http enrollment end point and then call the InstallCertificateAsync(String, InstallOptions) method to install the response.

    Note

    You must include the Signing value in the KeyUsages property in any@Windows.Security.Cryptography.Certificates.CertificateRequestProperties object that you use in a call to CreateRequestAsync. If you wish to set KeyUsages to Decryption or KeyAgreement, you must also OR in Signing. Otherwise, the call to CreateRequestAsync will fail.

  • ImportPfxDataAsync(String, String, ExportOption, KeyProtectionLevel, InstallOptions, String)
    ImportPfxDataAsync(String, String, ExportOption, KeyProtectionLevel, InstallOptions, String)
    ImportPfxDataAsync(String, String, ExportOption, KeyProtectionLevel, InstallOptions, String)
    ImportPfxDataAsync(String, String, ExportOption, KeyProtectionLevel, InstallOptions, String)

    Asynchronously imports a certificate from a Personal Information Exchange (PFX) message.

    public static IAsyncAction ImportPfxDataAsync(String pfxData, String password, ExportOption exportable, KeyProtectionLevel keyProtectionLevel, InstallOptions installOption, String friendlyName)public static IAsyncAction ImportPfxDataAsync(String pfxData, String password, ExportOption exportable, KeyProtectionLevel keyProtectionLevel, InstallOptions installOption, String friendlyName)Public Static Function ImportPfxDataAsync(pfxData As String, password As String, exportable As ExportOption, keyProtectionLevel As KeyProtectionLevel, installOption As InstallOptions, friendlyName As String) As IAsyncActionpublic static IAsyncAction ImportPfxDataAsync(String pfxData, String password, ExportOption exportable, KeyProtectionLevel keyProtectionLevel, InstallOptions installOption, String friendlyName)

    Parameters

    Returns

    Remarks

    This method imports the certificate chain into the app container.

    • To import an issued certificate, it is not necessary for the certificate request to have been generated on the importing computer.
    • The certificates included in the response need not be chained to trusted root certificates on the importing computer.
    • The certificate is installed in the app container MY store.
    • Certification authority and Root certificates are installed in the app container intermediate certification authority store.
    • The key container name and key specification for the imported certificate are determined as described in the Remarks section of PFXImportCertStore with the exception that if AttributeId 1.3.6.1.4.1.311.17.1 is not present, MS_KEY_STORAGE_PROVIDER is always used as the provider name.
  • ImportPfxDataAsync(String, String, ExportOption, KeyProtectionLevel, InstallOptions, String, String)
    ImportPfxDataAsync(String, String, ExportOption, KeyProtectionLevel, InstallOptions, String, String)
    ImportPfxDataAsync(String, String, ExportOption, KeyProtectionLevel, InstallOptions, String, String)
    ImportPfxDataAsync(String, String, ExportOption, KeyProtectionLevel, InstallOptions, String, String)

    Asynchronously imports a certificate from a Personal Information Exchange (PFX) message using the specified key storage provider.

    public static IAsyncAction ImportPfxDataAsync(String pfxData, String password, ExportOption exportable, KeyProtectionLevel keyProtectionLevel, InstallOptions installOption, String friendlyName, String keyStorageProvider)public static IAsyncAction ImportPfxDataAsync(String pfxData, String password, ExportOption exportable, KeyProtectionLevel keyProtectionLevel, InstallOptions installOption, String friendlyName, String keyStorageProvider)Public Static Function ImportPfxDataAsync(pfxData As String, password As String, exportable As ExportOption, keyProtectionLevel As KeyProtectionLevel, installOption As InstallOptions, friendlyName As String, keyStorageProvider As String) As IAsyncActionpublic static IAsyncAction ImportPfxDataAsync(String pfxData, String password, ExportOption exportable, KeyProtectionLevel keyProtectionLevel, InstallOptions installOption, String friendlyName, String keyStorageProvider)

    Parameters

    • pfxData
      System.String
      System.String
      System.String
      System.String

      Base64-encoded PFX message.

    • password
      System.String
      System.String
      System.String
      System.String

      The password used to decrypt and verify the PFX packet. The password must be exactly the same as the password that was used to encrypt the packet.

    • exportable

      A value of the ExportOption enumeration that specifies whether the key can be exported.

    • keyProtectionLevel

      A value of the KeyProtectionLevel enumeration that specifies the strength of the key protection. The default is NoConsent.

    • installOption

      An InstallOptions enumeration value that specifies the certificate installation option.

    • friendlyName
      System.String
      System.String
      System.String
      System.String

      The display name of the enrolled certificate. This value overwrites the FriendlyName property inside the PFX message.

    • keyStorageProvider
      System.String
      System.String
      System.String
      System.String

      The name of the key storage provider to use when importing the certificate.

    Returns

    Remarks

    This method imports the certificate chain into the app container.

    • To import an issued certificate, it is not necessary for the certificate request to have been generated on the importing computer.
    • The certificates included in the response need not be chained to trusted root certificates on the importing computer.
    • The certificate is installed in the app container MY store.
    • Certification authority and Root certificates are installed in the app container intermediate certification authority store.
    • The key container name and key specification for the imported certificate are determined as described in the Remarks section of PFXImportCertStore with the exception that if AttributeId 1.3.6.1.4.1.311.17.1 is not present, MS_KEY_STORAGE_PROVIDER is always used as the provider name.
  • ImportPfxDataAsync(String, String, PfxImportParameters)
    ImportPfxDataAsync(String, String, PfxImportParameters)
    ImportPfxDataAsync(String, String, PfxImportParameters)
    ImportPfxDataAsync(String, String, PfxImportParameters)

    Asynchronously imports a certificate from a Personal Information Exchange (PFX) message using import parameters.

    public static IAsyncAction ImportPfxDataAsync(String pfxData, String password, PfxImportParameters pfxImportParameters)public static IAsyncAction ImportPfxDataAsync(String pfxData, String password, PfxImportParameters pfxImportParameters)Public Static Function ImportPfxDataAsync(pfxData As String, password As String, pfxImportParameters As PfxImportParameters) As IAsyncActionpublic static IAsyncAction ImportPfxDataAsync(String pfxData, String password, PfxImportParameters pfxImportParameters)

    Parameters

    • pfxData
      System.String
      System.String
      System.String
      System.String

      Base64-encoded PFX message.

    • password
      System.String
      System.String
      System.String
      System.String

      The password used to decrypt and verify the PFX packet. The password must be exactly the same as the password that was used to encrypt the packet.

    • pfxImportParameters

      The PFX import parameters.

    Returns

  • InstallCertificateAsync(String, InstallOptions)
    InstallCertificateAsync(String, InstallOptions)
    InstallCertificateAsync(String, InstallOptions)
    InstallCertificateAsync(String, InstallOptions)

    Asynchronously Installs a certificate chain into the app container on the local computer.

    public static IAsyncAction InstallCertificateAsync(String certificate, InstallOptions installOption)public static IAsyncAction InstallCertificateAsync(String certificate, InstallOptions installOption)Public Static Function InstallCertificateAsync(certificate As String, installOption As InstallOptions) As IAsyncActionpublic static IAsyncAction InstallCertificateAsync(String certificate, InstallOptions installOption)

    Parameters

    • certificate
      System.String
      System.String
      System.String
      System.String

      The encoded certificate. The certificate is encoded by using Distinguished Encoding Rules (DER) as defined by the Abstract Syntax Notation One (ASN.1) standard.

    • installOption

      An InstallOptions enumeration value that specifies the certificate installation option.

    Returns

    Remarks

    This method installs the certificate chain into the app container:

    • The certificate request for the input certificate must have been previously generated on the local computer by calling the CreateRequestAsync(CertificateRequestProperties) method.
    • The certificates included in the response need not be chained to trusted root certificates on the installing computer.
    • The certificate is installed in the app container MY store.
    • Certification authority (CA) and Root certificates are installed in the app container intermediate CA store.

Device family

Windows 10 (introduced v10.0.10240.0)

API contract

Windows.Foundation.UniversalApiContract (introduced v1)

Attributes

Windows.Foundation.Metadata.ContractVersionAttribute
Windows.Foundation.Metadata.DualApiPartitionAttribute
Windows.Foundation.Metadata.MarshalingBehaviorAttribute
Windows.Foundation.Metadata.StaticAttribute
Windows.Foundation.Metadata.StaticAttribute
Windows.Foundation.Metadata.StaticAttribute
Windows.Foundation.Metadata.ThreadingAttribute

Details

Assembly

Windows.Security.Cryptography.Certificates.dll