ICertAdmin2 interface

The ICertAdmin2 interface is one of two interfaces that provide administration functionality for properly authorized clients.

The ICertAdmin2 interface is used to perform the following tasks:

  • Authorize or deny a certificate request.
  • Revoke an issued certificate.
  • Trigger the generation of a certificate revocation list (CRL).
  • Get the current CRL for the server.
  • Determine whether a certificate is valid.
  • Get an archived key.
  • Get a certification authority (CA) display name, property, or property flag.
  • Publish one or several CRLs.
  • Get or set configuration information.
  • Determine which roles are set.
  • Import a certificate or key.
Certificate Services interfaces support both apartment-threading and free-threading models. For better throughput, free threading is recommended.


The ICertAdmin2 interface has these methods.

Method Description
ICertAdmin2::DeleteRow The DeleteRow method deletes a row or set of rows from a database table. The caller specifies a database table and either a row ID or an ending date.
ICertAdmin2::GetArchivedKey Retrieves an archived key recovery BLOB.
ICertAdmin2::GetCAProperty Retrieves a property value for the certification authority (CA).
ICertAdmin2::GetCAPropertyDisplayName The ICertAdmin2::GetCAPropertyDisplayName method retrieves the property display name for a certification authority (CA) property.
ICertAdmin2::GetCAPropertyFlags The ICertAdmin2::GetCAPropertyFlags method retrieves the property flags for a certification authority (CA) property.
ICertAdmin2::GetConfigEntry Retrieves configuration information for a certification authority (CA).
ICertAdmin2::GetMyRoles Retrieves the certification authority (CA) roles of the caller.
ICertAdmin2::ImportKey Adds an encrypted key set to an item in the Certificate Services database. The key set is encrypted to one or several key recovery agent (KRA) certificates.
ICertAdmin2::PublishCRLs Publishes certificate revocation lists (CRLs) for a certification authority (CA).
ICertAdmin2::SetCAProperty Sets a property value for the certification authority (CA).
ICertAdmin2::SetConfigEntry Sets configuration information for a certification authority (CA).


Windows version None supported Windows Server 2003 [desktop apps only]
Target Platform Windows
Header certadm.h (include Certsrv.h)