Edit

IX509EnrollmentPolicyServer::Initialize method (certenroll.h)

  • Article

The Initialize method initializes an IX509EnrollmentPolicyServer object.

Syntax

HRESULT Initialize(
  [in] BSTR                             bstrPolicyServerUrl,
  [in] BSTR                             bstrPolicyServerId,
  [in] X509EnrollmentAuthFlags          authFlags,
  [in] VARIANT_BOOL                     fIsUnTrusted,
  [in] X509CertificateEnrollmentContext context
);

Parameters

[in] bstrPolicyServerUrl

A BSTR variable that contains the URL for the certificate enrollment policy server.

[in] bstrPolicyServerId

A BSTR variable that contains a unique ID for the certificate enrollment policy server. If this value is not NULL, it must match the ID string returned by the CEP response.

[in] authFlags

An X509EnrollmentAuthFlags enumeration value that specifies the client authentication type. This can be one of the following values.

Value Meaning
X509AuthAnonymous
 Anonymous authentication.
X509AuthKerberos
 Kerberos authentication.
X509AuthUsername
 Clear text user name and password authentication.
Note  The user name and password are encrypted before transmission and are stored securely in the credential vault on the CEP server.
 
X509AuthCertificate
 Client authentication certificate installed on the local computer and used by the server to verify the identity of the client.

[in] fIsUnTrusted

A Boolean value that specifies whether to allow an untrusted certification authority certificates.

[in] context

An X509CertificateEnrollmentContext enumeration value that specifies the nature of the end entity for which certificate enrollment is intended. This can be one of the following values.

Value Meaning
ContextUser
 The certificate is intended for an end user.
ContextMachine
 The certificate is intended for a computer.
ContextAdministratorForceMachine
 The certificate is being requested by an administrator acting on the behalf of a computer.

Return value

If the function succeeds, the function returns S_OK.

If the function fails, it returns an HRESULT value that indicates the error. Possible values include, but are not limited to, those in the following table. For a list of common error codes, see Common HRESULT Values.

Return code Description
E_INVALIDARG
 The bstrPolicyServerUrl parameter cannot be an empty string and must represent an HTTPS URL.
E_OUTOFMEMORY
 There was not sufficient memory available for the strings specified in the bstrPolicyServerUrl or bstrPolicyServerId parameters.
HRESULT_FROM_WIN32(ERROR_ALREADY_INITIALIZED)
 The IX509EnrollmentPolicyServer object has already been initialized.
HRESULT_FROM_WIN32(ERROR_INVALID_DATA)
 The value specified in the bstrPolicyServerId parameter is not NULL and does not equal the existing CEP ID value on the CEP server.

Requirements

Requirement Value
Minimum supported client Windows 7 [desktop apps only]
Minimum supported server Windows Server 2008 R2 [desktop apps only]
Target Platform Windows
Header certenroll.h

See also

IX509EnrollmentPolicyServer