PolicyServerUrlFlags enumeration (certenroll.h)

The PolicyServerUrlFlags enumeration contains certificate enrollment policy (CEP) server flags. It is used by the Initialize method on the ICertPropertyEnrollmentPolicyServer interface.

Syntax

typedef enum PolicyServerUrlFlags {
  PsfNone,
  PsfLocationGroupPolicy,
  PsfLocationRegistry,
  PsfUseClientId,
  PsfAutoEnrollmentEnabled,
  PsfAllowUnTrustedCA
} ;

Constants

 
PsfNone
No flags are specified.
PsfLocationGroupPolicy
Policy information is specified in group policy by an administrator.
PsfLocationRegistry
Policy information is specified in the registry.
PsfUseClientId
Specifies that certificate enrollments and renewals include client specific data in a ClientId attribute. Examples include the name of the cryptographic service provider, the Windows version number, the user name, the computer DNS name, and the domain controller DNS name. This flag can be set by group policy.

This flag has been included to address privacy concerns that can arise during enrollment to servers that are managed by administrators other than those who manage the forest in which the user resides. By not setting this flag, you can prevent sending personal information to non-local administrators.
PsfAutoEnrollmentEnabled
Automatic certificate enrollment is enabled.
PsfAllowUnTrustedCA
Specifies that the certificate of the issuing CA need not be trusted by the client to install a certificate signed by the CA.

Requirements

   
Minimum supported client Windows 7 [desktop apps only]
Minimum supported server Windows Server 2008 R2 [desktop apps only]
Header certenroll.h

See also

ICertPropertyEnrollmentPolicyServer

Initialize