certenroll.h header

This header is used by Security and Identity. For more information, see:

Interfaces

Title Description
IAlternativeName Is used by an IX509ExtensionAlternativeNames object to represent an instance of an AlternativeNames extension.
IAlternativeNames Contains methods and properties that enable you to manage a collection of IAlternativeName objects.
IBinaryConverter Contains general methods that enable you to create a Unicode-encoded string from a byte array, create a byte array from a Unicode-encoded string, and modify the type of Unicode encoding applied to a string.
ICertificateAttestationChallenge Allows applications to decrypt a key attestation challenge received from a server.
ICertificatePolicies Contains methods and properties that enable you to manage a collection of ICertificatePolicy objects.
ICertificatePolicy Can be used to specify a certificate policy that identifies a purpose for which the certificate can be used.
ICertificationAuthorities The ICertificationAuthorities interface defines the following methods and properties that manage a collection of ICertificationAuthority objects.
ICertificationAuthority The ICertificationAuthority interface represents a single certification authority. A collection of certification authorities is represented by the ICertificationAuthorities interface.
ICertProperties Contains methods and properties that enable you to manage a collection of certificate properties.
ICertProperty Can be used to associate an external property with a certificate.
ICertPropertyArchived Represents a certificate property that identifies whether a certificate has been archived.
ICertPropertyArchivedKeyHash Represents a SHA-1 hash of an encrypted private key submitted to a certification authority for archival.
ICertPropertyAutoEnroll Represents a certificate property that identifies a template that has been configured to enable autoenrollment of the certificate.
ICertPropertyBackedUp Represents an external certificate property that identifies whether a certificate has been backed up and, if so, the date and time that it was saved.
ICertPropertyDescription Enables you to specify and retrieve a string that contains descriptive information for a certificate.
ICertPropertyEnrollment Represents a certificate property that contains certificate and certification authority (CA) information created when the client calls the Enroll method on the IX509Enrollment interface.
ICertPropertyEnrollmentPolicyServer Represents an external certificate property that contains information about a certificate enrollment policy (CEP) server and a certificate enrollment server (CES).
ICertPropertyFriendlyName Enables you to specify and retrieve a string that contains the display name of a certificate.
ICertPropertyKeyProvInfo Represents a certificate property that contains information about a private key.
ICertPropertyRenewal Represents a certificate property that contains a SHA-1 hash of the new certificate created when an existing certificate is renewed.
ICertPropertyRequestOriginator Represents a certificate property that contains the Domain Naming System (DNS) name of the computer on which the request was created.
ICertPropertySHA1Hash Represents a certificate property that contains a SHA-1 hash of the certificate.
ICryptAttribute The ICryptAttribute interface represents a cryptographic attribute in a certificate request. A collection of these attributes is contained in the CertificateRequestInfo structure of a PKCS
ICryptAttributes The ICryptAttributes interface contains methods and properties that enable you to manage a collection of ICryptAttribute objects.
ICspAlgorithm Represents an algorithm implemented by a cryptographic provider.
ICspAlgorithms The ICspAlgorithms interface defines the following methods and properties that manage a collection of ICspAlgorithm objects.
ICspInformation Provides access to general information about a cryptographic provider.
ICspInformations The ICspInformations interface defines the following methods and properties to manage a collection of ICspInformation objects.
ICspStatus Contains information about a cryptographic provider/algorithm pair.
ICspStatuses Contains information about a cryptographic provider/algorithm pair.
IObjectId Represents an object identifier (OID).
IObjectIds The IObjectIds interface defines methods and properties that enable you to manage a collection of IObjectId objects.
IPolicyQualifier Represents a qualifier that can be associated with a certificate policy.
IPolicyQualifiers Defines methods and properties that enable you to manage a collection of IPolicyQualifier objects.
ISignerCertificate Represents a signing certificate that enables you to sign a certificate request.
ISignerCertificates The ISignerCertificates interface defines the following methods and properties to manage a collection of ISignerCertificate objects.
ISmimeCapabilities Defines the following methods and properties to manage a collection of ISmimeCapability objects.
ISmimeCapability Represents an SMIMECapabilities extension that identifies the decryption capabilities of an email recipient.
IX500DistinguishedName Represents an X.500 distinguished name (DN).
IX509Attribute Can be used to represent an attribute in a PKCS
IX509AttributeArchiveKey Represents an attribute that contains an encrypted private key to be archived by a certification authority.
IX509AttributeArchiveKeyHash Represents an attribute that contains a SHA-1 hash of the encrypted private key to be archived by a certification authority.
IX509AttributeClientId Represents an attribute that can be used to identify the client that generated a certificate request.
IX509AttributeCspProvider Represents an attribute that identifies the cryptographic provider used by the entity requesting the certificate.
IX509AttributeExtensions Defines methods and properties that initialize and retrieve certificate extensions in a certificate request.
IX509AttributeOSVersion Represents an attribute that contains version information about the client operating system on which the certificate request was generated.
IX509AttributeRenewalCertificate Represents an attribute that contains the certificate being renewed. This attribute is automatically placed in the PKCS
IX509Attributes The IX509Attributes interface defines the following methods and properties that enable you to manage a collection of IX509Attribute objects.
IX509CertificateRequest The IX509CertificateRequest interface represents an abstract base certificate request that identifies methods and properties common to and inherited by each of the request objects implemented by the Certificate Enrollment API.
IX509CertificateRequestCertificate The IX509CertificateRequestCertificate interface represents a request object for a self-generated certificate, enabling you to create a certificate directly without going through a registration or certification authority.
IX509CertificateRequestCertificate2 The IX509CertificateRequestCertificate2 interface represents a request object for a self-generated certificate, enabling you to create a certificate directly without going through a registration or certification authority.
IX509CertificateRequestCmc Represents a CMC (Certificate Management Message over CMS) certificate request.
IX509CertificateRequestCmc2 The IX509CertificateRequestCmc2 interface represents a CMC (Certificate Management Message over CMS) certificate request.
IX509CertificateRequestPkcs10 The IX509CertificateRequestPkcs10 interface represents a PKCS
IX509CertificateRequestPkcs10V2 The IX509CertificateRequestPkcs10V2 interface represents a PKCS
IX509CertificateRequestPkcs10V3 The IX509CertificateRequestPkcs10V3 interface represents a PKCS
IX509CertificateRequestPkcs7 The IX509CertificateRequestPkcs7 interface represents a PKCS
IX509CertificateRequestPkcs7V2 The IX509CertificateRequestPkcs7V2 interface represents a PKCS
IX509CertificateTemplate The IX509CertificateTemplate interface represents a certificate request template. It can be used to initialize an IX509CertificateTemplateWritable interface.
IX509CertificateTemplates The IX509CertificateTemplates interface defines the following methods and properties that manage a collection of IX509CertificateTemplate objects.
IX509CertificateTemplateWritable The IX509CertificateTemplateWritable interface enables you to add a template to or delete it from a template store. Currently, Active Directory is the only available store.
IX509EndorsementKey X.509 Endorsement Key Interface
IX509Enrollment Represents the top level object and enables you to enroll in a certificate hierarchy and install a certificate response.
IX509Enrollment2 The IX509Enrollment2 interface enables you to enroll in a certificate hierarchy and install a certificate response.
IX509EnrollmentHelper The IX509EnrollmentHelper interface defines methods that enable a web application to enroll a certificate, store policy server credentials in the credential cache, and register policy servers and enrollment servers.
IX509EnrollmentPolicyServer The IX509EnrollmentPolicyServer interface represents a certificate enrollment policy (CEP) server.
IX509EnrollmentStatus The IX509EnrollmentStatus interface can be used to specify or retrieve detailed error information about a certificate enrollment transaction.
IX509EnrollmentWebClassFactory Can be used to create any of the following objects on a webpage.
IX509Extension Can be used to define an extension for a certificate request.
IX509ExtensionAlternativeNames Enables you to specify one or more alternative name forms for the subject of a certificate. A certification authority processes the extension by binding the names to the certified public key.
IX509ExtensionAuthorityKeyIdentifier Enables you to specify an AuthorityKeyIdentifier extension.
IX509ExtensionBasicConstraints Enables you to specify whether the certificate subject is a certification authority and, if so, the depth of the subordinate certification authority chain that can exist beneath the certification authority for which this extension ID is defined.
IX509ExtensionCertificatePolicies Enables you to specify a collection of policy information terms, each of which consists of an object identifier (OID) and optional policy qualifiers. A single policy term is defined by an ICertificatePolicy object.
IX509ExtensionEnhancedKeyUsage Can be used to define a collection of object identifiers (OIDs) that identify the intended uses of the public key contained in the certificate.
IX509ExtensionKeyUsage Can be used to define restrictions on the operations that can be performed by the public key contained in the certificate.
IX509ExtensionMSApplicationPolicies Enables you to specify a collection of object identifiers (OIDs) that indicate how a certificate can be used by an application.
IX509Extensions The IX509Extensions interface defines the following methods and properties to manage a collection of IX509Extension objects.
IX509ExtensionSmimeCapabilities Can be used to report the decryption capabilities of an email recipient to an email sender so that the sender can choose the most secure algorithm supported by both parties.
IX509ExtensionSubjectKeyIdentifier Enables you to specify a SubjectKeyIdentifier extension.
IX509ExtensionTemplate Defines methods and properties that can be used to initialize or retrieve a CertificateTemplate extension.
IX509ExtensionTemplateName Defines methods and properties that can be used to initialize or retrieve a template name extension.
IX509MachineEnrollmentFactory Can be used to create an IX509EnrollmentHelper object on a webpage.
IX509NameValuePair Represents a generic name-value pair.
IX509NameValuePairs The IX509NameValuePairs interface defines the following methods and properties to manage a collection of IX509NameValuePair objects.
IX509PolicyServerListManager The IX509PolicyServerListManager interface defines the following methods and properties that enable you to manage a collection of IX509PolicyServerUrl objects.
IX509PolicyServerUrl The IX509PolicyServerUrl interface can be used to set or retrieve property values associated with the certificate enrollment policy (CEP) server and to update associated registry values.
IX509PrivateKey Represents an asymmetric private key that can be used for encryption, signing, and key agreement.
IX509PublicKey Represents a public key in a public/private key pair.
IX509SCEPEnrollment X.509 Simple Computer Enrollment Protocol Interface
IX509SignatureInformation Represents information used to sign a certificate request.

Callback functions

Title Description
ImportPFXToProvider Imports a PFX certificate.
ImportPFXToProviderFreeData Frees PFX certificate context(s).

Enumerations

Title Description
AlgorithmFlags Contains flags that can be used to refine the search for a cryptographic algorithm.
AlgorithmOperationFlags Specifies the operations that an algorithm can perform.
AlgorithmType Specifies the intended purpose of a cryptographic algorithm supported by a cryptographic provider.
AlternativeNameType Specifies the alternative name types that can be specified when initializing an IAlternativeName object.
CERTENROLL_OBJECTID Contains the predefined object identifiers (OIDs) supported by Certificate Enrollment API.
CERTENROLL_PROPERTYID Contains predefined object identifiers for external properties that can be associated with a certificate in the certificate store.
CommitTemplateFlags Specifies options for saving and deleting templates.
EncodingType Specifies the type of encoding applied to a byte array for display purposes.
EnrollmentCAProperty Specifies certification authority property values.
EnrollmentDisplayStatus Specifies whether to display enrollment status information in a user interface.
EnrollmentEnrollStatus Specifies the enrollment status of a certificate request.
EnrollmentPolicyFlags Specifies group policy flags.
EnrollmentPolicyServerPropertyFlags Specifies the default policy server.
EnrollmentSelectionStatus Specifies whether the enrollment status of an object will be monitored during the enrollment process.
EnrollmentTemplateProperty Contains property values for a given template.
ImportPFXFlags Flags to use when importing a PFX certificate.
InnerRequestLevel Specifies the containment level of a certificate request within a PKCS
InstallResponseRestrictionFlags Contains flags that identify the restrictions placed on the local installation of a certificate chain.
KeyIdentifierHashAlgorithm Specifies the algorithm used to hash the public key in a certificate request.
ObjectIdGroupId Specifies the category or group to which an object identifier (OID) belongs.
ObjectIdPublicKeyFlags Specifies whether a public key algorithm is used for signing or for encryption.
PFXExportOptions Specifies how much of a certificate chain is included when creating a Personal Information Exchange (PFX) message.
Pkcs10AllowedSignatureTypes Specifies the type of signature permitted when signing a certificate request.
PolicyQualifierType Specifies the type of qualifier applied to a certificate policy.
PolicyServerUrlFlags Contains certificate enrollment policy (CEP) server flags.
PolicyServerUrlPropertyID Contains values that specify the type of property value to be returned by the GetStringProperty method or set by the SetStringProperty method on the IX509PolicyServerUrl interface.
RequestClientInfoClientId Specifies the type of application that created a certificate request.
WebEnrollmentFlags Specifies web enrollment behavior.
WebSecurityLevel Specifies whether a web-enabled method or property is safe for scripting.
X500NameFlags Specifies the display and encoding characteristics of a distinguished name or relative distinguished name (RDN).
X509CertificateEnrollmentContext Specifies the nature of the end entity for which the certificate is intended.
X509CertificateTemplateEnrollmentFlag Contains values that specify server and client actions during enrollment.
X509CertificateTemplateGeneralFlag Contains use and modification information about templates and associated certificates.
X509CertificateTemplatePrivateKeyFlag Contains values that specify client actions regarding a private key.
X509CertificateTemplateSubjectNameFlag Contains values that specify server and client actions concerning subject names.
X509EnrollmentPolicyExportFlags Is used by the Export method on the IX509EnrollmentPolicyServer interface to specify what items to export from the policy server.
X509EnrollmentPolicyLoadOption Is used by the LoadPolicy method on the IX509EnrollmentPolicyServer interface to specify how to retrieve policy from the policy server.
X509KeySpec Specifies the intended use of a key for a legacy cryptographic service provider (CSP).
X509KeyUsageFlags Specifies the purpose of a key contained in a certificate.
X509PrivateKeyExportFlags Specifies the export policy for a private key.
X509PrivateKeyProtection Specifies the level of private key protection supported by a cryptographic provider.
X509PrivateKeyUsageFlags Specifies the permitted uses of a private key.
X509PrivateKeyVerify Specifies whether a user interface is displayed during private key verification and whether verification can proceed if the cryptographic provider is a smart card provider.
X509ProviderType Specifies the type of cryptographic provider.
X509RequestInheritOptions Specifies how keys, extension values, and external properties are inherited when a new request is created from an existing certificate.
X509RequestType Specifies the certificate request type.