Hinweis
Für den Zugriff auf diese Seite ist eine Autorisierung erforderlich. Sie können versuchen, sich anzumelden oder das Verzeichnis zu wechseln.
Für den Zugriff auf diese Seite ist eine Autorisierung erforderlich. Sie können versuchen, das Verzeichnis zu wechseln.
Das folgende Beispiel zeigt, wie das Zertifikatanforderungssteuerungselement mit dem ICertRequest-Objekt verwendet werden kann, um eine Zertifikatanforderung zu erstellen und einzureichen.
// Copyright (C) Microsoft. All rights reserved.
// Example for Certificate Enrollment Control
// used with ICertRequest in C++
//
#include <stdio.h>
#include <Certsrv.h> // for ICertRequest object
#include <xenroll.h>
#include <windows.h>
HRESULT __cdecl main()
{
// Pointer to interface objects.
ICEnroll4 * pEnroll = NULL;
ICertRequest2 * pRequest = NULL;
// BSTR variables.
BSTR bstrDN = NULL;
BSTR bstrOID = NULL;
BSTR bstrCertAuth = NULL;
BSTR bstrReq = NULL;
BSTR bstrAttrib = NULL;
// Request disposition variable.
long nDisp;
// Variable for return value.
HRESULT hr;
// Initialize COM.
hr = CoInitializeEx( NULL, COINIT_APARTMENTTHREADED );
// Check status.
if ( FAILED( hr ) )
{
printf("Failed CoInitializeEx - [%x]\n", hr);
goto error;
}
// Create an instance of the Certificate Enrollment object.
hr = CoCreateInstance( CLSID_CEnroll,
NULL,
CLSCTX_INPROC_SERVER,
IID_ICEnroll4,
(void **)&pEnroll);
// Check status.
if ( FAILED( hr ) )
{
printf("Failed CoCreateInstance - pEnroll [%x]\n", hr);
goto error;
}
// Create an instance of the Certificate Request object.
hr = CoCreateInstance( CLSID_CCertRequest,
NULL,
CLSCTX_INPROC_SERVER,
IID_ICertRequest2,
(void **)&pRequest);
// Check status.
if ( FAILED( hr ) )
{
printf("Failed CoCreateInstance - pRequest [%x]\n", hr);
goto error;
}
// Create the data for the request.
// A user interface or database retrieval could
// be used instead of this sample's hard-coded text.
bstrDN = SysAllocString(L"CN=UserName" // Common Name
L",OU=UserUnit" // Org Unit
L",O=UserOrg" // Org
L",L=UserCity" // Locality
L",S=WA" // State
L",C=US"); // Country/Region
if (NULL == bstrDN)
{
printf("Failed SysAllocString\n");
goto error;
}
// Allocate the BSTR representing the certification authority.
// Note the use of '\\' to produce a single '\' in C++.
bstrCertAuth = SysAllocString(L"Server\\CertAuth");
if (NULL == bstrCertAuth)
{
printf("Failed SysAllocString\n");
goto error;
}
// Allocate the BSTR for the certificate usage.
bstrOID = SysAllocString(L"1.3.6.1.4.1.311.2.1.21");
if (NULL == bstrOID)
{
printf("Failed SysAllocString\n");
goto error;
}
// Allocate the BSTR for the attributes.
// In this case, no attribute is specified.
bstrAttrib = SysAllocString(L"");
if (NULL == bstrAttrib)
{
printf("Failed SysAllocString\n");
goto error;
}
// Create the PKCS #10.
hr = pEnroll->createPKCS10( bstrDN, bstrOID, &bstrReq );
// check status
if ( FAILED( hr ) )
{
printf("Failed createPKCS10 - [%x]\n", hr);
goto error;
}
// Submit the certificate request.
hr = pRequest->Submit( CR_IN_BASE64 | CR_IN_PKCS10,
bstrReq,
bstrAttrib,
bstrCertAuth,
&nDisp );
// Check status.
if ( FAILED( hr ) )
{
printf("Failed Request Submit - [%x]\n", hr);
goto error;
}
else
printf("Request submitted; disposition = %d\n", nDisp );
error:
// Done processing.
// Clean up object resources.
if ( NULL != pEnroll )
pEnroll->Release();
if ( NULL != pRequest )
pRequest->Release();
// Free BSTR variables.
if ( NULL != bstrDN )
SysFreeString ( bstrDN );
if ( NULL != bstrOID )
SysFreeString ( bstrOID );
if ( NULL != bstrCertAuth )
SysFreeString ( bstrCertAuth );
if ( NULL != bstrReq )
SysFreeString ( bstrReq );
if ( NULL != bstrAttrib )
SysFreeString ( bstrAttrib );
// Free COM resources.
CoUninitialize();
return hr;
}