ICertSrvSetup::GetExistingCACertificates method (casetup.h)

The GetExistingCACertificates method gets the collection of CertSrvSetupKeyInformation objects that represent valid certification authority (CA) certificates currently installed on the computer. This method does not change the state of the CCertSrvSetup object.

Syntax

HRESULT GetExistingCACertificates(
  [out] ICertSrvSetupKeyInformationCollection **ppVal
);

Parameters

[out] ppVal

The address of a pointer to an ICertSrvSetupKeyInformationCollection interface that can be used to access information for the set of valid CA certificates installed in the "LocalMachine" store.

Return value

None

Remarks

The CertSrvSetupKeyInformationCollection object contains valid certificates. A certificate is considered valid if it satisfies the following criteria:

  • Contains an AT_SIGNATURE key that matches the key in the private key container.
  • Is self-signed or has basic constraints for a CA.
  • Passes chain validation but might have an offline revocation error.

Requirements

Requirement Value
Minimum supported client None supported
Minimum supported server Windows ServerĀ 2008 [desktop apps only]
Target Platform Windows
Header casetup.h
DLL Certocm.dll

See also

ICertSrvSetup