Upravit

Sdílet prostřednictvím


ICertificates2::Find method

[CAPICOM is a 32-bit only component that is available for use in the following operating systems: Windows Server 2008, Windows Vista, and Windows XP. Instead, use the X509Certificate2Collection Class in the System.Security.Cryptography.X509Certificates namespace.]

The Find method returns a Certificates object that contains all certificates that match the specified search criteria. This method was introduced in CAPICOM 2.0.

Syntax

Certificates.Find( _
  ByVal FindType, _
  [ ByVal varCriteria ], _
  [ ByVal bFindValidOnly ] _
)

Parameters

FindType [in]

A value of the CAPICOM_CERTIFICATE_FIND_TYPE enumeration that specifies the type of matching criteria supplied in the varCriteria parameter. The following table shows the possible values.

Value Meaning
CAPICOM_CERTIFICATE_FIND_SHA1_HASH
Returns certificates with a SHA1 hash that matches the SHA1 hash specified in the varCriteria parameter.
CAPICOM_CERTIFICATE_FIND_SUBJECT_NAME
Returns certificates whose subject name exactly or partially matches the subject name specified in the varCriteria parameter. This call searches the subject name field only.
CAPICOM_CERTIFICATE_FIND_ISSUER_NAME
Returns certificates whose issuer name exactly or partially matches the issuer name specified in the varCriteria parameter. This call searches the issuer name field only.
CAPICOM_CERTIFICATE_FIND_ROOT_NAME
Returns certificates whose root subject name exactly or partially matches the root subject name specified in the varCriteria parameter. This call creates a chain. This call searches the subject name field of the root certificate.
CAPICOM_CERTIFICATE_FIND_TEMPLATE_NAME
Returns certificates whose template name matches the template name specified in the varCriteria parameter.
CAPICOM_CERTIFICATE_FIND_EXTENSION
Returns certificates that have an extension that matches the extension specified in the varCriteria parameter.
CAPICOM_CERTIFICATE_FIND_EXTENDED_PROPERTY
Returns certificates in the store that explicitly contain an extended property with the value specified in the varCriteria parameter.
CAPICOM_CERTIFICATE_FIND_APPLICATION_POLICY
Returns certificates in the store that have either an enhanced key usage extension, application policy extension, or extended property specified in the varCriteria parameter.
CAPICOM_CERTIFICATE_FIND_CERTIFICATE_POLICY
Returns certificates that contain the policy OID in the Certificate Policy extension specified in the varCriteria parameter.
CAPICOM_CERTIFICATE_FIND_TIME_VALID
Returns certificates whose time is valid.
CAPICOM_CERTIFICATE_FIND_TIME_NOT_YET_VALID
Returns certificates whose time is not yet valid.
CAPICOM_CERTIFICATE_FIND_TIME_EXPIRED
Returns certificates whose time has expired.
CAPICOM_CERTIFICATE_FIND_KEY_USAGE
Returns certificates containing key usages in the KeyUsage extension specified in the varCriteria parameter. If the KeyUsage extension is not present, all of the key usages are assumed to be unavailable.

 

varCriteria [in, optional]

A variant that contains the search criteria. This data must match the type of data specified in the FindType parameter. If the value of the FindType parameter is CAPICOM_CERTIFICATE_FIND_TIME_VALID, CAPICOM_CERTIFICATE_FIND_TIME_NOT_YET_VALID, or CAPICOM_CERTIFICATE_FIND_TIME_EXPIRED and you do not pass a value into this parameter, the current time is assumed. For examples of each data type, see Remarks. The default value is 0.

bFindValidOnly [in, optional]

A Boolean value that indicates whether only valid certificates are returned. The default value is false; this indicates that all certificates that match the search criteria are returned.

If true, the search will not return the following types of certificates:

  • Certificates whose time has expired or is not yet valid.
  • Certificates not chained properly.
  • Certificates that have signature problems.
  • Certificates that are revoked.

Return value

Certificates object that contains the results of the search.

CAPICOM 2.1: The Certificates object that is returned contains references to the certificates in the collection in which the search was done. Any changes made to the certificates in the returned Certificates object are reflected in that collection.

CAPICOM 2.0, CAPICOM 2.0.0.1, CAPICOM 2.0.0.2, and CAPICOM 2.0.0.3: The Certificates object that is returned contains copies of the certificates in the collection in which the search was done. Any changes made to the certificates in the returned Certificates object are not reflected in that collection.

Remarks

The following examples show possible search criteria for the different search criteria types.

FindType parameter varCriteria parameter
CAPICOM_CERTIFICATE_FIND_SHA1_HASH 33F362434B577F844BB7226BE36F7D72EF9D9393
CAPICOM_CERTIFICATE_FIND_SUBJECT_NAME "NameOfPerson"
CAPICOM_CERTIFICATE_FIND_ISSUER_NAME "VeriSign"
CAPICOM_CERTIFICATE_FIND_ROOT_NAME "Microsoft Root Authority"
CAPICOM_CERTIFICATE_FIND_TEMPLATE_NAME "AutoEnrollEFS"
1.3.6.1.4.1.311.21.8.3692315854.1256661383.1690418588.4201632533.1741915387.2177932052
CAPICOM_CERTIFICATE_FIND_EXTENSION "2.5.29.31"
CAPICOM_OID_KEY_USAGE_EXTENSION
"CRL Distribution List"
CAPICOM_CERTIFICATE_FIND_EXTENDED_PROPERTY CAPICOM_PROPID_KEY_PROV_INFO
CAPICOM_CERTIFICATE_FIND_APPLICATION_POLICY "1.3.6.1.5.5.7.3.3"
"1.3.6.1.5.5.7.3.4"
CAPICOM_OID_SERVER_AUTH_EKU
"Code Signing"
CAPICOM_CERTIFICATE_FIND_CERTIFICATE_POLICY "1.3.6.1.5.5.7.3.4.3.5"
"Corporate High Assurance"
CAPICOM_CERTIFICATE_FIND_TIME_VALID #04/15/2002, 6:00 PM#
CAPICOM_CERTIFICATE_FIND_TIME_NOT_YET_VALID #04/15/2002, 6:00 PM#
CAPICOM_CERTIFICATE_FIND_TIME_EXPIRED #04/15/2002, 6:00 PM#
CAPICOM_CERTIFICATE_FIND_KEY_USAGE CAPICOM_ENCIPHER_ONLY_KEY_USAGE

 

Requirements

Requirement Value
End of client support
Windows Vista
End of server support
Windows Server 2008
Redistributable
CAPICOM 2.0 or later on Windows Server 2003 and Windows XP
DLL
Capicom.dll

See also

Certificates

CAPICOM_OID