IX509CertificateRequestCmc::put_KeyArchivalCertificate method (certenroll.h)
The KeyArchivalCertificate property specifies or retrieves a certification authority (CA) encryption certificate. The certificate is contained in a byte array that is encoded by using Distinguished Encoding Rules (DER) as defined by the Abstract Syntax Notation One (ASN.1) standard. The DER-encoded byte array is represented by a string that is either a pure binary sequence or is Unicode encoded. This property is web enabled for both input and output.
This property is read/write.
Syntax
HRESULT put_KeyArchivalCertificate(
EncodingType Encoding,
BSTR Value
);
Parameters
Encoding
Value
Return value
None
Remarks
If correctly configured, a certification authority (CA) can archive a client's private key. Typically, the client requests an exchange certificate from the CA, validates it, and uses it as input to the KeyArchivalCertificate property. The CA's public key is used to encrypt the private key that is being submitted for archiving. You can use the ArchivePrivateKey property to request key archival.
You must set this property, if at all, before calling the Encode method, but you must initialize the CMC request object before calling the property. For more information, see the following topics:
- Initialize
- InitializeDecode
- InitializeFromCertificate
- InitializeFromInnerRequest
- InitializeFromInnerRequestTemplateName
- InitializeFromTemplateName
Requirements
Requirement | Value |
---|---|
Minimum supported client | Windows Vista [desktop apps only] |
Minimum supported server | Windows Server 2008 [desktop apps only] |
Target Platform | Windows |
Header | certenroll.h |
DLL | CertEnroll.dll |