IX509ExtensionAuthorityKeyIdentifier::InitializeEncode method (certenroll.h)

The InitializeEncode method initializes the extension from a byte array. The byte array is represented by a Unicode-encoded string.


HRESULT InitializeEncode(
  [in] EncodingType Encoding,
  [in] BSTR         strKeyIdentifier


[in] Encoding

An EncodingType enumeration value that specifies the type of Unicode encoding applied to the strKeyIdentifier value.

[in] strKeyIdentifier

A BSTR variable that contains the extension value.

Return value

If the function succeeds, the function returns S_OK.

If the function fails, it returns an HRESULT value that indicates the error. Possible values include, but are not limited to, those in the following table. For a list of common error codes, see Common HRESULT Values.

Return code/value Description
The object is already initialized.


Typically, the input value should be a SHA-1 hash of the public key contained in the signing certificate. The method associates the value with the XCN_OID_AUTHORITY_KEY_IDENTIFIER2 ( object identifier (OID) and encodes it by using Distinguished Encoding Rules (DER).

You must call either InitializeEncode or InitializeDecode before you can use an IX509ExtensionAuthorityKeyIdentifier object. The two methods complement each other. The InitializeEncode method enables you to construct a DER-encoded Abstract Syntax Notation One (ASN.1) extension object from raw data, and the InitializeDecode method enables you to initialize the raw data from an encoded object.

You can retrieve the following properties for this extension:

  • The Critical property identifies whether the extension is critical. You can also specify this property.
  • The ObjectId property retrieves the OID.
  • The AuthorityKeyIdentifier property retrieves the raw data.


Minimum supported client Windows Vista [desktop apps only]
Minimum supported server Windows Server 2008 [desktop apps only]
Target Platform Windows
Header certenroll.h
DLL CertEnroll.dll

See also