CertOpenSystemStoreA function (wincrypt.h)

The CertOpenSystemStore function is a simplified function that opens the most common system certificate store. To open certificate stores with more complex requirements, such as file-based or memory-based stores, use CertOpenStore.

Syntax

HCERTSTORE CertOpenSystemStoreA(
  [in] HCRYPTPROV_LEGACY hProv,
  [in] LPCSTR            szSubsystemProtocol
);

Parameters

[in] hProv

This parameter is not used and should be set to 0.

Windows Server 2003 and Windows XP:  A handle of a cryptographic service provider (CSP). Set hProv to 0 to use the default CSP. If hProv is not 0, it must be a CSP handle created by using the CryptAcquireContext function.This parameter's data type is HCRYPTPROV.

[in] szSubsystemProtocol

A string that names a system store. If the system store name provided in this parameter is not the name of an existing system store, a new system store will be created and used. CertEnumSystemStore can be used to list the names of existing system stores. Some example system stores are listed in the following table.

Value Meaning
CA
Certification authority certificates.
MY
A certificate store that holds certificates with associated private keys.
ROOT
Root certificates.
SPC
Software Publisher Certificate.

Return value

If the function succeeds, the function returns a handle to the certificate store.

If the function fails, it returns NULL. For extended error information, call GetLastError.

Note  Errors from the called function CertOpenStore are propagated to this function.
 

Remarks

Only current user certificates are accessible using this method, not the local machine store.

After the system store is opened, all the standard certificate store functions can be used to manipulate the certificates.

After use, the store should be closed by using CertCloseStore.

For more information about the stores that are automatically migrated, see Certificate Store Migration.

Examples

The following example shows a simplified method for opening the most common system certificate stores. For another example that uses this function, see Example C Program: Certificate Store Operations.

//--------------------------------------------------------------------
// Declare and initialize variables.

HCERTSTORE  hSystemStore;              // system store handle

//--------------------------------------------------------------------
// Open the CA system certificate store. The same call can be
// used with the name of a different system store, such as My or Root,
// as the second parameter.

if(hSystemStore = CertOpenSystemStore(
    0,
    "CA"))
{
  printf("The CA system store is open. Continue.\n");
}
else
{
  printf("The CA system store did not open.\n");
  exit(1);
}

// Use the store as needed.
// ...

// When done using the store, close it.
if(!CertCloseStore(hSystemStore, 0))
{
  printf("Unable to close the CA system store.\n");
  exit(1);
}

Note

The wincrypt.h header defines CertOpenSystemStore as an alias which automatically selects the ANSI or Unicode version of this function based on the definition of the UNICODE preprocessor constant. Mixing usage of the encoding-neutral alias with code that not encoding-neutral can lead to mismatches that result in compilation or runtime errors. For more information, see Conventions for Function Prototypes.

Requirements

Requirement Value
Minimum supported client Windows XP [desktop apps only]
Minimum supported server Windows Server 2003 [desktop apps only]
Target Platform Windows
Header wincrypt.h
Library Crypt32.lib
DLL Crypt32.dll

See also

CertAddEncodedCertificateToStore

CertCloseStore

CertGetCRLContextProperty

CertOpenStore

CertSaveStore

Certificate Store Functions