ICertServerExit::GetCertificateExtension method (certif.h)

The GetCertificateExtension method gets a specified certificate extension.

Note that certificate extensions are distinct from certificate properties. Properties are generic data attached to the request object. Some of these properties are encoded into the certificate (example: BeginDate), while others are just used to mark requests in the queue and log. Extensions that are not disabled are encoded into the certificate. Extensions are always marked with an object identifier and always have a critical/noncritical flag.

Syntax

HRESULT GetCertificateExtension(
  [in]  const BSTR strExtensionName,
  [in]  LONG       Type,
  [out] VARIANT    *pvarValue
);

Parameters

[in] strExtensionName

A string that contains the name of the extension.

[in] Type

Specifies the type of the extension. The type can be one of the following types.

Value Meaning
PROPTYPE_LONG
Signed long data
PROPTYPE_DATE
Date/time
PROPTYPE_BINARY
The extension value is retrieved as is and is ASN.1 encoded if necessary.
PROPTYPE_STRING
The extension value is ASN.1 encoded as an IA5 string.

[out] pvarValue

A pointer to a VARIANT that receives the requested extension value.

Return value

C++

If the method succeeds, the method returns S_OK, and *pvarValue is set to the VARIANT that contains the extension value.

If the method fails, it returns an HRESULT value that indicates the error. For a list of common error codes, see Common HRESULT Values.

VB

The return value is the requested extension value.

Remarks

You must call ICertServerExit::SetContext prior to using this method.

Examples

VARIANT  varExt;
HRESULT  hr;

VariantInit(&varExt);
// Get the Extension value
// bstrExtName is BSTR assigned by EnumerateExtensions.
// pCertServerExit has been used to call SetContext previously.
hr = pCertServerExit->GetCertificateExtension(bstrExtName,
                                              PROPTYPE_BINARY,
                                              &varExt);

if (FAILED(hr))
{
    printf("Failed GetCertificateExtension [%x]\n", hr);
    goto error;
}
// Successful call; Use the value in varExt as needed.
// ...

// When done, clear the Variant
VariantClear(&varExt);

Requirements

Requirement Value
Minimum supported client None supported
Minimum supported server Windows Server 2003 [desktop apps only]
Target Platform Windows
Header certif.h (include Certsrv.h)
Library Certidl.lib
DLL Certcli.dll

See also

ICertServerExit

ICertServerExit::GetCertificateExtensionFlags

ICertServerExit::SetContext