IX509CertificateRequestCmc2::InitializeFromInnerRequestTemplate method (certenroll.h)
The InitializeFromInnerRequestTemplate method initializes the certificate request from an inner request object and a template.
Syntax
HRESULT InitializeFromInnerRequestTemplate(
[in] IX509CertificateRequest *pInnerRequest,
[in] IX509EnrollmentPolicyServer *pPolicyServer,
[in] IX509CertificateTemplate *pTemplate
);
Parameters
[in] pInnerRequest
Pointer to an IX509CertificateRequest interface that represents the inner request object. This can be a PKCS #10 or a CMC request.
[in] pPolicyServer
Pointer to an IX509EnrollmentPolicyServer object that represents the certificate enrollment policy (CEP) server that contains the template specified by the pTemplate parameter.
[in] pTemplate
Pointer to an IX509CertificateTemplate object that represents the template to use during initialization.
Return value
If the function succeeds, the function returns S_OK.
If the function fails, it returns an HRESULT value that indicates the error. Possible values include, but are not limited to, those in the following table. For a list of common error codes, see Common HRESULT Values.
| Return code/value | Description |
|---|---|
|
The request object passed to the pInnerRequest parameter must be a PKCS #10 or a CMC request. |
|
The pInnerRequest, pPolicyServer, and pTemplate parameters cannot be NULL. |
|
The request object has already been initialized. |
Remarks
By specifying a template, you can add information to the outer request object that may not be contained in the inner request. For example, if the inner request does not contain the necessary extensions, you can supply a template that does.
The InitializeFromInnerRequestTemplate method:
- Creates an empty ICryptAttributes collection.
- Creates an empty IX509NameValuePairs collection.
- Creates an empty IX509Extensions collection.
- Creates an IObjectIds collection for critical extensions and adds the XCN_OID_KEY_USAGE and XCN_OID_BASIC_CONSTRAINTS2 object identifiers (OIDs).
- Creates an empty IObjectIds collection of OIDs to be suppressed from the request object.
- Creates an empty ISignerCertificates collection.
- Retrieves private key flags from the template.
- Sets the ArchivePrivateKey property if required by the template flags or settings.
- Retrieves the encryption algorithm from the template if one is specified and sets the EncryptionAlgorithm property.
- Sets the EncryptionStrength property if possible.
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows 7 [desktop apps only] |
| Minimum supported server | Windows Server 2008 R2 [desktop apps only] |
| Target Platform | Windows |
| Header | certenroll.h |
See also
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for