Mapping Xenroll.dll to CertEnroll.dll
Prior to Windows Vista, the Certificate Enrollment Control was implemented in Xenroll.dll. The Xenroll.dll library has been removed from the operating system and replaced by CertEnroll.dll.
Xenroll attempted to implement two parallel sets of interfaces. ICEnroll, ICEnroll2, ICEnroll3, and ICEnroll4 were Automation-compliant and compatible with scripting languages. The corresponding interfaces—IEnroll, IEnroll2, and IEnroll4—could not be scripted but were more convenient for C++ programmers. As they evolved, the two sets of interfaces did not remain synchronized. In particular, the set of dual interfaces represented most recently by ICEnroll4 defines only a subset of the functionality defined by IEnroll4.
CertEnroll.dll implements a larger and more structured set of Automation-compliant COM interfaces. The following topics discuss how Xenroll.dll maps to CertEnroll.dll for different types of functionality.
- Certificate Request Functions
- Certificate Response Functions
- Attribute Functions
- Extension Functions
- External Property Functions
- Private and Public Key Functions
- Cryptographic Service Provider Functions
- Certificate Store Functions
- Personal Information Exchange Functions
- Helper Functions
Related topics
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for