certenroll.h header

This header is used by Security and Identity. For more information, see:

certenroll.h contains the following programming interfaces:

Interfaces

 
IAlternativeName

Is used by an IX509ExtensionAlternativeNames object to represent an instance of an AlternativeNames extension.
IAlternativeNames

Contains methods and properties that enable you to manage a collection of IAlternativeName objects.
IBinaryConverter

Contains general methods that enable you to create a Unicode-encoded string from a byte array, create a byte array from a Unicode-encoded string, and modify the type of Unicode encoding applied to a string.
ICertificateAttestationChallenge

Allows applications to decrypt a key attestation challenge received from a server.
ICertificatePolicies

Contains methods and properties that enable you to manage a collection of ICertificatePolicy objects.
ICertificatePolicy

Can be used to specify a certificate policy that identifies a purpose for which the certificate can be used.
ICertificationAuthorities

The ICertificationAuthorities interface defines the following methods and properties that manage a collection of ICertificationAuthority objects.
ICertificationAuthority

The ICertificationAuthority interface represents a single certification authority. A collection of certification authorities is represented by the ICertificationAuthorities interface.
ICertProperties

Contains methods and properties that enable you to manage a collection of certificate properties.
ICertProperty

Can be used to associate an external property with a certificate.
ICertPropertyArchived

Represents a certificate property that identifies whether a certificate has been archived.
ICertPropertyArchivedKeyHash

Represents a SHA-1 hash of an encrypted private key submitted to a certification authority for archival.
ICertPropertyAutoEnroll

Represents a certificate property that identifies a template that has been configured to enable autoenrollment of the certificate.
ICertPropertyBackedUp

Represents an external certificate property that identifies whether a certificate has been backed up and, if so, the date and time that it was saved.
ICertPropertyDescription

Enables you to specify and retrieve a string that contains descriptive information for a certificate.
ICertPropertyEnrollment

Represents a certificate property that contains certificate and certification authority (CA) information created when the client calls the Enroll method on the IX509Enrollment interface.
ICertPropertyEnrollmentPolicyServer

Represents an external certificate property that contains information about a certificate enrollment policy (CEP) server and a certificate enrollment server (CES).
ICertPropertyFriendlyName

Enables you to specify and retrieve a string that contains the display name of a certificate.
ICertPropertyKeyProvInfo

Represents a certificate property that contains information about a private key.
ICertPropertyRenewal

Represents a certificate property that contains a SHA-1 hash of the new certificate created when an existing certificate is renewed.
ICertPropertyRequestOriginator

Represents a certificate property that contains the Domain Naming System (DNS) name of the computer on which the request was created.
ICertPropertySHA1Hash

Represents a certificate property that contains a SHA-1 hash of the certificate.
ICryptAttribute

The ICryptAttribute interface represents a cryptographic attribute in a certificate request. A collection of these attributes is contained in the CertificateRequestInfo structure of a PKCS
ICryptAttributes

The ICryptAttributes interface contains methods and properties that enable you to manage a collection of ICryptAttribute objects.
ICspAlgorithm

Represents an algorithm implemented by a cryptographic provider.
ICspAlgorithms

The ICspAlgorithms interface defines the following methods and properties that manage a collection of ICspAlgorithm objects.
ICspInformation

Provides access to general information about a cryptographic provider.
ICspInformations

The ICspInformations interface defines the following methods and properties to manage a collection of ICspInformation objects.
ICspStatus

Contains information about a cryptographic provider/algorithm pair.
ICspStatuses

Contains information about a cryptographic provider/algorithm pair.
IObjectId

Represents an object identifier (OID).
IObjectIds

The IObjectIds interface defines methods and properties that enable you to manage a collection of IObjectId objects.
IPolicyQualifier

Represents a qualifier that can be associated with a certificate policy.
IPolicyQualifiers

Defines methods and properties that enable you to manage a collection of IPolicyQualifier objects.
ISignerCertificate

Represents a signing certificate that enables you to sign a certificate request.
ISignerCertificates

The ISignerCertificates interface defines the following methods and properties to manage a collection of ISignerCertificate objects.
ISmimeCapabilities

Defines the following methods and properties to manage a collection of ISmimeCapability objects.
ISmimeCapability

Represents an SMIMECapabilities extension that identifies the decryption capabilities of an email recipient.
IX500DistinguishedName

Represents an X.500 distinguished name (DN).
IX509Attribute

Can be used to represent an attribute in a PKCS
IX509AttributeArchiveKey

Represents an attribute that contains an encrypted private key to be archived by a certification authority.
IX509AttributeArchiveKeyHash

Represents an attribute that contains a SHA-1 hash of the encrypted private key to be archived by a certification authority.
IX509AttributeClientId

Represents an attribute that can be used to identify the client that generated a certificate request.
IX509AttributeCspProvider

Represents an attribute that identifies the cryptographic provider used by the entity requesting the certificate.
IX509AttributeExtensions

Defines methods and properties that initialize and retrieve certificate extensions in a certificate request.
IX509AttributeOSVersion

Represents an attribute that contains version information about the client operating system on which the certificate request was generated.
IX509AttributeRenewalCertificate

Represents an attribute that contains the certificate being renewed. This attribute is automatically placed in the PKCS
IX509Attributes

The IX509Attributes interface defines the following methods and properties that enable you to manage a collection of IX509Attribute objects.
IX509CertificateRequest

The IX509CertificateRequest interface represents an abstract base certificate request that identifies methods and properties common to and inherited by each of the request objects implemented by the Certificate Enrollment API.
IX509CertificateRequestCertificate

The IX509CertificateRequestCertificate interface represents a request object for a self-generated certificate, enabling you to create a certificate directly without going through a registration or certification authority.
IX509CertificateRequestCertificate2

The IX509CertificateRequestCertificate2 interface represents a request object for a self-generated certificate, enabling you to create a certificate directly without going through a registration or certification authority.
IX509CertificateRequestCmc

Represents a CMC (Certificate Management Message over CMS) certificate request.
IX509CertificateRequestCmc2

The IX509CertificateRequestCmc2 interface represents a CMC (Certificate Management Message over CMS) certificate request.
IX509CertificateRequestPkcs10

The IX509CertificateRequestPkcs10 interface represents a PKCS
IX509CertificateRequestPkcs10V2

The IX509CertificateRequestPkcs10V2 interface represents a PKCS
IX509CertificateRequestPkcs10V3

The IX509CertificateRequestPkcs10V3 interface represents a PKCS
IX509CertificateRequestPkcs7

The IX509CertificateRequestPkcs7 interface represents a PKCS
IX509CertificateRequestPkcs7V2

The IX509CertificateRequestPkcs7V2 interface represents a PKCS
IX509CertificateTemplate

The IX509CertificateTemplate interface represents a certificate request template. It can be used to initialize an IX509CertificateTemplateWritable interface.
IX509CertificateTemplates

The IX509CertificateTemplates interface defines the following methods and properties that manage a collection of IX509CertificateTemplate objects.
IX509CertificateTemplateWritable

The IX509CertificateTemplateWritable interface enables you to add a template to or delete it from a template store. Currently, Active Directory is the only available store.
IX509EndorsementKey

X.509 Endorsement Key Interface
IX509Enrollment

Represents the top level object and enables you to enroll in a certificate hierarchy and install a certificate response.
IX509Enrollment2

The IX509Enrollment2 interface enables you to enroll in a certificate hierarchy and install a certificate response.
IX509EnrollmentHelper

The IX509EnrollmentHelper interface defines methods that enable a web application to enroll a certificate, store policy server credentials in the credential cache, and register policy servers and enrollment servers.
IX509EnrollmentPolicyServer

The IX509EnrollmentPolicyServer interface represents a certificate enrollment policy (CEP) server.
IX509EnrollmentStatus

The IX509EnrollmentStatus interface can be used to specify or retrieve detailed error information about a certificate enrollment transaction.
IX509EnrollmentWebClassFactory

Can be used to create any of the following objects on a webpage.
IX509Extension

Can be used to define an extension for a certificate request.
IX509ExtensionAlternativeNames

Enables you to specify one or more alternative name forms for the subject of a certificate. A certification authority processes the extension by binding the names to the certified public key.
IX509ExtensionAuthorityKeyIdentifier

Enables you to specify an AuthorityKeyIdentifier extension.
IX509ExtensionBasicConstraints

Enables you to specify whether the certificate subject is a certification authority and, if so, the depth of the subordinate certification authority chain that can exist beneath the certification authority for which this extension ID is defined.
IX509ExtensionCertificatePolicies

Enables you to specify a collection of policy information terms, each of which consists of an object identifier (OID) and optional policy qualifiers. A single policy term is defined by an ICertificatePolicy object.
IX509ExtensionEnhancedKeyUsage

Can be used to define a collection of object identifiers (OIDs) that identify the intended uses of the public key contained in the certificate.
IX509ExtensionKeyUsage

Can be used to define restrictions on the operations that can be performed by the public key contained in the certificate.
IX509ExtensionMSApplicationPolicies

Enables you to specify a collection of object identifiers (OIDs) that indicate how a certificate can be used by an application.
IX509Extensions

The IX509Extensions interface defines the following methods and properties to manage a collection of IX509Extension objects.
IX509ExtensionSmimeCapabilities

Can be used to report the decryption capabilities of an email recipient to an email sender so that the sender can choose the most secure algorithm supported by both parties.
IX509ExtensionSubjectKeyIdentifier

Enables you to specify a SubjectKeyIdentifier extension.
IX509ExtensionTemplate

Defines methods and properties that can be used to initialize or retrieve a CertificateTemplate extension.
IX509ExtensionTemplateName

Defines methods and properties that can be used to initialize or retrieve a template name extension.
IX509MachineEnrollmentFactory

Can be used to create an IX509EnrollmentHelper object on a webpage.
IX509NameValuePair

Represents a generic name-value pair.
IX509NameValuePairs

The IX509NameValuePairs interface defines the following methods and properties to manage a collection of IX509NameValuePair objects.
IX509PolicyServerListManager

The IX509PolicyServerListManager interface defines the following methods and properties that enable you to manage a collection of IX509PolicyServerUrl objects.
IX509PolicyServerUrl

The IX509PolicyServerUrl interface can be used to set or retrieve property values associated with the certificate enrollment policy (CEP) server and to update associated registry values.
IX509PrivateKey

Represents an asymmetric private key that can be used for encryption, signing, and key agreement.
IX509PublicKey

Represents a public key in a public/private key pair.
IX509SCEPEnrollment

X.509 Simple Computer Enrollment Protocol Interface
IX509SignatureInformation

Represents information used to sign a certificate request.

Callback functions

 
ImportPFXToProvider

Imports a PFX certificate.
ImportPFXToProviderFreeData

Frees PFX certificate context(s).

Enumerations

 
AlgorithmFlags

Contains flags that can be used to refine the search for a cryptographic algorithm.
AlgorithmOperationFlags

Specifies the operations that an algorithm can perform.
AlgorithmType

Specifies the intended purpose of a cryptographic algorithm supported by a cryptographic provider.
AlternativeNameType

Specifies the alternative name types that can be specified when initializing an IAlternativeName object.
CERTENROLL_OBJECTID

Contains the predefined object identifiers (OIDs) supported by Certificate Enrollment API.
CERTENROLL_PROPERTYID

Contains predefined object identifiers for external properties that can be associated with a certificate in the certificate store.
CommitTemplateFlags

Specifies options for saving and deleting templates.
EncodingType

Specifies the type of encoding applied to a byte array for display purposes.
EnrollmentCAProperty

Specifies certification authority property values.
EnrollmentDisplayStatus

Specifies whether to display enrollment status information in a user interface.
EnrollmentEnrollStatus

Specifies the enrollment status of a certificate request.
EnrollmentPolicyFlags

Specifies group policy flags.
EnrollmentPolicyServerPropertyFlags

Specifies the default policy server.
EnrollmentSelectionStatus

Specifies whether the enrollment status of an object will be monitored during the enrollment process.
EnrollmentTemplateProperty

Contains property values for a given template.
ImportPFXFlags

Flags to use when importing a PFX certificate.
InnerRequestLevel

Specifies the containment level of a certificate request within a PKCS
InstallResponseRestrictionFlags

Contains flags that identify the restrictions placed on the local installation of a certificate chain.
KeyIdentifierHashAlgorithm

Specifies the algorithm used to hash the public key in a certificate request.
ObjectIdGroupId

Specifies the category or group to which an object identifier (OID) belongs.
ObjectIdPublicKeyFlags

Specifies whether a public key algorithm is used for signing or for encryption.
PFXExportOptions

Specifies how much of a certificate chain is included when creating a Personal Information Exchange (PFX) message.
Pkcs10AllowedSignatureTypes

Specifies the type of signature permitted when signing a certificate request.
PolicyQualifierType

Specifies the type of qualifier applied to a certificate policy.
PolicyServerUrlFlags

Contains certificate enrollment policy (CEP) server flags.
PolicyServerUrlPropertyID

Contains values that specify the type of property value to be returned by the GetStringProperty method or set by the SetStringProperty method on the IX509PolicyServerUrl interface.
RequestClientInfoClientId

Specifies the type of application that created a certificate request.
WebEnrollmentFlags

Specifies web enrollment behavior.
WebSecurityLevel

Specifies whether a web-enabled method or property is safe for scripting.
X500NameFlags

Specifies the display and encoding characteristics of a distinguished name or relative distinguished name (RDN).
X509CertificateEnrollmentContext

Specifies the nature of the end entity for which the certificate is intended.
X509CertificateTemplateEnrollmentFlag

Contains values that specify server and client actions during enrollment.
X509CertificateTemplateGeneralFlag

Contains use and modification information about templates and associated certificates.
X509CertificateTemplatePrivateKeyFlag

Contains values that specify client actions regarding a private key.
X509CertificateTemplateSubjectNameFlag

Contains values that specify server and client actions concerning subject names.
X509EnrollmentPolicyExportFlags

Is used by the Export method on the IX509EnrollmentPolicyServer interface to specify what items to export from the policy server.
X509EnrollmentPolicyLoadOption

Is used by the LoadPolicy method on the IX509EnrollmentPolicyServer interface to specify how to retrieve policy from the policy server.
X509KeySpec

Specifies the intended use of a key for a legacy cryptographic service provider (CSP).
X509KeyUsageFlags

Specifies the purpose of a key contained in a certificate.
X509PrivateKeyExportFlags

Specifies the export policy for a private key.
X509PrivateKeyProtection

Specifies the level of private key protection supported by a cryptographic provider.
X509PrivateKeyUsageFlags

Specifies the permitted uses of a private key.
X509PrivateKeyVerify

Specifies whether a user interface is displayed during private key verification and whether verification can proceed if the cryptographic provider is a smart card provider.
X509ProviderType

Specifies the type of cryptographic provider.
X509RequestInheritOptions

Specifies how keys, extension values, and external properties are inherited when a new request is created from an existing certificate.
X509RequestType

Specifies the certificate request type.