IX509CertificateRequestCmc::get_KeyArchivalCertificate method (certenroll.h)
The KeyArchivalCertificate property specifies or retrieves a certification authority (CA) encryption certificate. The certificate is contained in a byte array that is encoded by using Distinguished Encoding Rules (DER) as defined by the Abstract Syntax Notation One (ASN.1) standard. The DER-encoded byte array is represented by a string that is either a pure binary sequence or is Unicode encoded. This property is web enabled for both input and output.
This property is read/write.
Syntax
HRESULT get_KeyArchivalCertificate(
EncodingType Encoding,
BSTR *pValue
);
Parameters
Encoding
pValue
Return value
None
Remarks
If correctly configured, a certification authority (CA) can archive a client's private key. Typically, the client requests an exchange certificate from the CA, validates it, and uses it as input to the KeyArchivalCertificate property. The CA's public key is used to encrypt the private key that is being submitted for archiving. You can use the ArchivePrivateKey property to request key archival.
You must set this property, if at all, before calling the Encode method, but you must initialize the CMC request object before calling the property. For more information, see the following topics:
- Initialize
- InitializeDecode
- InitializeFromCertificate
- InitializeFromInnerRequest
- InitializeFromInnerRequestTemplateName
- InitializeFromTemplateName
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows Vista [desktop apps only] |
| Minimum supported server | Windows Server 2008 [desktop apps only] |
| Target Platform | Windows |
| Header | certenroll.h |
| DLL | CertEnroll.dll |
See also
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for