3.10.4.7 ExportToBlob (Opnum 25)

The ExportToBlob method exports the certificate referenced at InstanceName to a memory buffer.

 [id(19)] HRESULT ExportToBlob(
     [in] BSTR InstanceName,
     [in] BSTR Password, 
     [in] VARIANT_BOOL bPrivateKey,
     [in] VARIANT_BOOL bCertChain,
     [in,out] DWORD *pcbSize,
     [in,out,string] CHAR **pBlobBinary
 );

InstanceName: A string that specifies a web server instance.

Password: A password used to encrypt the exported certificate data.

bPrivateKey: If set to VARIANT_TRUE, indicates that the private key of the certificate is to be exported.

bCertChain: If set to VARIANT_TRUE, indicates that the certificate chain of the certificate referenced by InstanceName is to be exported.

pcbSize: If the method succeeds, returns the number of valid bytes returned in pBlobBinary.

pBlobBinary: If the method succeeds, returns a pointer to a memory buffer containing the exported certificate data. The buffer contains a null-terminated, base64-encoded array of bytes. The client MUST free the pointer returned in pBlobBinary using the appropriate memory allocator as specified for the DCOM implementation.<43>

Return Values: A signed 32-bit value that indicates return status. If the method returns a negative value, it failed. If the 12-bit facility code (bits 16–27) is set to 0x007, the value contains a Win32 error code in the lower 16 bits. Zero or positive values indicate success, with the lower 16 bits in positive nonzero values containing warnings or flags defined in the method implementation. For more information about Win32 error codes and HRESULT values, see [MS-ERREF].

 Return value/code                       Description
 --------------------------------------  -----------------------------------------------------
 0x00000000  S_OK                        The call was successful.
 0x80070057  E_INVALIDARG                One or more arguments are invalid.
 0x000006cf  RPC_S_STRING_TOO_LONG       The string is too long.
 0x800CC801  MD_ERROR_DATA_NOT_FOUND     The specified metadata was not found.
 0x80092004  CRYPT_E_NOT_FOUND           Cannot find object or property.
 0x80090349  SEC_E_CERT_WRONG_USAGE      The certificate is not valid for the requested usage.

The opnum field value for this method is 25.

When processing this call, the server MUST do the following:

  • If InstanceName or Password is an empty string, return E_INVALIDARG.

  • If InstanceName or Password contains more than 260 characters, return RPC_S_STRING_TOO_LONG.

  • Attempt to retrieve the certificate referenced at the specified InstanceName. If the certificate cannot be retrieved on the target system, if no certificate is referenced at the specified InstanceName, or if the certificate is not suitable for use by the server for SSL, return an error.

  • Attempt to export the certificate using the specified password, Password. If bPrivateKey is 1 or VARIANT_TRUE, include the private key in the exported data. If bCertChain is 1 or VARIANT_TRUE, include the certificate's associated certificate chain in the exported data.<44>

  • If the requested data was exported successfully, base64 encode the exported data; allocate a buffer to return to the client in pBlobBinary; copy the data to the buffer pointed to by pBlobBinary; and return the number of bytes in the exported and encoded blob in pcbSize; otherwise, return an error.<45>
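The following C sketch is an added example, not code from the specification. It shows how a client could interpret the status returned by ExportToBlob according to the Return Values paragraph, and how it could mirror the first two server-side argument checks before issuing the call. The function and type names (classify_hresult, precheck_args, result_kind) are hypothetical, and treating a NULL pointer like an empty string is an assumption.

```c
#include <stdint.h>
#include <stddef.h>
#include <wchar.h>

/* Values copied from the return-value table above. */
#define HR_S_OK                  0x00000000u
#define HR_E_INVALIDARG          0x80070057u
#define HR_RPC_S_STRING_TOO_LONG 0x000006cfu
#define MAX_ARG_CHARS            260u  /* limit from the processing rules */

typedef enum { RES_OK, RES_WARNING, RES_WIN32_ERROR, RES_OTHER_ERROR } result_kind;

/* Classify a returned status per the Return Values paragraph.
   *win32 receives the lower 16 bits when a Win32 code is present. */
result_kind classify_hresult(uint32_t hr, uint16_t *win32)
{
    *win32 = 0;
    /* The table lists this value without the sign bit set, so a
       sign-only failure check would read it as success: match it
       explicitly before the generic test. */
    if (hr == HR_RPC_S_STRING_TOO_LONG) {
        *win32 = (uint16_t)(hr & 0xFFFFu);
        return RES_WIN32_ERROR;
    }
    if ((hr & 0x80000000u) == 0)             /* zero or positive: success */
        return hr == HR_S_OK ? RES_OK : RES_WARNING;
    if (((hr >> 16) & 0xFFFu) == 0x007u) {   /* facility code, bits 16-27 */
        *win32 = (uint16_t)(hr & 0xFFFFu);
        return RES_WIN32_ERROR;
    }
    return RES_OTHER_ERROR;                  /* failure, other facility */
}

/* Mirror of the first two server checks, in the order listed above.
   Assumption: NULL is rejected the same way as an empty string. */
uint32_t precheck_args(const wchar_t *instance, const wchar_t *password)
{
    if (!instance || !password || !*instance || !*password)
        return HR_E_INVALIDARG;
    if (wcslen(instance) > MAX_ARG_CHARS || wcslen(password) > MAX_ARG_CHARS)
        return HR_RPC_S_STRING_TOO_LONG;
    return HR_S_OK;
}
```

A client-side pre-check is a convenience only; the server MUST still apply its own checks as listed above.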