IX509CertificateRequestPkcs10 interface (certenroll.h)

The IX509CertificateRequestPkcs10 interface represents a PKCS #10 certificate request. The public key cryptography standard (PKCS) #10 defines the format of messages sent to a certification or registration authority to request a public-key certificate.

A PKCS #10 ASN.1 request object contains a version identifier, the subject name, a public key and a set of attributes as shown by the following syntax example.


--------------------------------------------------------------------
-- Certificate request.
--------------------------------------------------------------------
CertificationRequestInfo ::= SEQUENCE 
{
   version                 CertificationRequestInfoVersion,
   subject                 Name,
   subjectPublicKeyInfo    SubjectPublicKeyInfo,
   attributes              [0] IMPLICIT Attributes
}

-------------------------------------------------------
-- Version number.
-------------------------------------------------------
CertificationRequestInfoVersion ::= INTEGER

-------------------------------------------------------
-- Subject distinguished name (DN).
-------------------------------------------------------
Name ::= SEQUENCE OF RelativeDistinguishedName

RelativeDistinguishedName ::= SET OF AttributeTypeValue

AttributeTypeValue ::= SEQUENCE 
{
   type               EncodedObjectID,
   value              ANY 
}

-------------------------------------------------------
-- Public key information.
-------------------------------------------------------
SubjectPublicKeyInfo ::= SEQUENCE 
{
   algorithm           AlgorithmIdentifier,
   subjectPublicKey    BITSTRING
}

-------------------------------------------------------
-- Attributes.
-------------------------------------------------------
Attributes ::= SET OF Attribute

Attribute ::= SEQUENCE 
{
   type               EncodedObjectID,
   values             AttributeSetValue
}
The CertificationRequestInfo ASN.1 object is wrapped in a CertificationRequest object as shown by the following syntax. The CertificationRequest object also includes the signature and the signature algorithm. A PKCS #10 request must be signed by the associated private key or null-signed if it is a cross-certification request. You can call the RawData property to retrieve the signed CertificationRequest object, and you can call the RawDataToBeSigned property to retrieve the unsigned CertificationRequestInfo object.

--------------------------------------------------------------------
-- Certificate request.
--------------------------------------------------------------------
CertificationRequest ::= SEQUENCE 
{
   certificationRequestInfo   CertificationRequestInfo,
   signatureAlgorithm         AlgorithmIdentifier,
   signature                  BIT STRING
}

--------------------------------------------
--  Algorithm Identifier
--------------------------------------------
AlgorithmIdentifier ::= SEQUENCE 
{
   algorithm           EncodedObjectID,
   parameters          ANY OPTIONAL
}
The following properties can be set before calling the Encode method:Also, the Silent, ParentWindow, and UIContextMessage properties are typically called before calling an initialization method.

The following properties must be set, if at all, before calling the Encode method:

Inheritance

The IX509CertificateRequestPkcs10 interface inherits from IX509CertificateRequest. IX509CertificateRequestPkcs10 also has these types of members:

Methods

The IX509CertificateRequestPkcs10 interface has these methods.

 
IX509CertificateRequestPkcs10::CheckSignature

Verifies that the certificate request has been signed and that the signature is valid.
IX509CertificateRequestPkcs10::get_CriticalExtensions

Retrieves an IObjectIds collection that identifies the version 3 certificate extensions marked as critical.
IX509CertificateRequestPkcs10::get_CryptAttributes

Retrieves an ICryptAttributes collection of optional certificate attributes.
IX509CertificateRequestPkcs10::get_CspStatuses

Retrieves a collection of ICspStatus objects that matches the intended use of the private key associated with the certificate request.
IX509CertificateRequestPkcs10::get_KeyContainerNamePrefix

Specifies or retrieves a prefix used to create the container name for a new private key.
IX509CertificateRequestPkcs10::get_NullSigned

Retrieves a Boolean value that indicates whether the certificate request is null-signed.
IX509CertificateRequestPkcs10::get_OldCertificate

Retrieves the certificate passed to the InitializeFromCertificate method.
IX509CertificateRequestPkcs10::get_PrivateKey

Retrieves an IX509PrivateKey object that contains the private key used to sign the certificate request.
IX509CertificateRequestPkcs10::get_PublicKey

Retrieves the IX509PublicKey object that contains the public key included in the certificate request.
IX509CertificateRequestPkcs10::get_RawDataToBeSigned

Retrieves the unsigned certificate request created by the Encode method.
IX509CertificateRequestPkcs10::get_ReuseKey

Retrieves a Boolean value that indicates whether an existing private key was used to sign the request.
IX509CertificateRequestPkcs10::get_Signature

Retrieves the request signature created by the Encode method.
IX509CertificateRequestPkcs10::get_SignatureInformation

Retrieves the IX509SignatureInformation object that contains information about the certificate request signature.
IX509CertificateRequestPkcs10::get_SmimeCapabilities

Specifies or retrieves a Boolean value that tells the Encode method whether to create an IX509ExtensionSmimeCapabilities collection that identifies the encryption capabilities supported by the computer.
IX509CertificateRequestPkcs10::get_Subject

Specifies or retrieves the X.500 distinguished name of the entity requesting the certificate.
IX509CertificateRequestPkcs10::get_SuppressOids

Retrieves a collection of the default extension and attribute object identifiers (OIDs) that were not added to the request when the request was encoded.
IX509CertificateRequestPkcs10::get_TemplateObjectId

Retrieves the object identifier (OID) of the template used to create the certificate request.
IX509CertificateRequestPkcs10::get_X509Extensions

Retrieves a collection of the extensions included in the certificate request.
IX509CertificateRequestPkcs10::GetCspStatuses

Retrieves an ICspStatuses collection that contains all provider/algorithm pairs consistent with the intended use of the private key as specified by the caller.
IX509CertificateRequestPkcs10::InitializeDecode

Decodes an existing signed or unsigned PKCS
IX509CertificateRequestPkcs10::InitializeFromCertificate

Initializes the certificate request by using an existing certificate.
IX509CertificateRequestPkcs10::InitializeFromPrivateKey

Initializes the certificate request by using an IX509PrivateKey object and, optionally, a template.
IX509CertificateRequestPkcs10::InitializeFromPublicKey

Initializes a null-signed certificate request by using an IX509PublicKey object and, optionally, a template.
IX509CertificateRequestPkcs10::InitializeFromTemplateName

.
IX509CertificateRequestPkcs10::IsSmartCard

Retrieves a Boolean value that indicates whether any of the cryptographic providers associated with the request object is a smart card provider.
IX509CertificateRequestPkcs10::put_KeyContainerNamePrefix

Specifies or retrieves a prefix used to create the container name for a new private key.
IX509CertificateRequestPkcs10::put_SmimeCapabilities

Specifies or retrieves a Boolean value that tells the Encode method whether to create an IX509ExtensionSmimeCapabilities collection that identifies the encryption capabilities supported by the computer.
IX509CertificateRequestPkcs10::put_Subject

Specifies or retrieves the X.500 distinguished name of the entity requesting the certificate.

Requirements

   
Minimum supported client Windows Vista [desktop apps only]
Minimum supported server Windows Server 2008 [desktop apps only]
Target Platform Windows
Header certenroll.h

See also

CertEnroll Interfaces

IX509CertificateRequest