ICEnroll4::createPFX method (xenroll.h)

[This method is no longer available for use as of Windows Server 2008 and Windows Vista.]

The createPFX method saves the accepted certificate chain and private key in a Personal Information Exchange (PFX) format string. The PFX format is also known as PKCS #12.

This method was first defined in the ICEnroll4 interface.


  [in]  BSTR strPassword,
  [out] BSTR *pstrPFX


[in] strPassword

A password for the PFX-format message. This value can be empty or NULL to indicate that no password is used. When you have finished using the password, clear it from memory by calling the SecureZeroMemory function. For more information about protecting the password, see Handling Passwords.

[out] pstrPFX

A pointer to a BSTR that receives the base64-encoded PFX format certificate information. When you have finished using the BSTR, free it by calling the SysFreeString function.

Return value


If the method succeeds, the method returns S_OK.

If the method fails, it returns an HRESULT value that indicates the error. For a list of common error codes, see Common HRESULT Values.


The return value is a String that contains the PFX format certificate information.


This method is disabled when the Certificate Enrollment Control is executed as a scripted control.


Minimum supported client Windows XP [desktop apps only]
Minimum supported server Windows Server 2003 [desktop apps only]
Target Platform Windows
Header xenroll.h
Library Uuid.lib
DLL Xenroll.dll