CertSetEnhancedKeyUsage function (wincrypt.h)

The CertSetEnhancedKeyUsage function sets the enhanced key usage (EKU) property for the certificate. Use of this function replaces any EKUs associated with the certificate. To add a single EKU usage without changing existing usages, use CertAddEnhancedKeyUsageIdentifier. To delete a single EKU usage, use CertRemoveEnhancedKeyUsageIdentifier.


BOOL CertSetEnhancedKeyUsage(
  [in] PCCERT_CONTEXT     pCertContext,


[in] pCertContext

A pointer to the CERT_CONTEXT of the specified certificate.

[in] pUsage

Pointer to a CERT_ENHKEY_USAGE structure (equivalent to a CTL_USAGE structure) that contains an array of EKU object identifiers (OIDs) to be set as extended properties of the certificate.

Return value

If the function succeeds, the function returns nonzero (TRUE).

If the function fails, it returns zero (FALSE). For extended error information, call GetLastError.


Requirement Value
Minimum supported client Windows XP [desktop apps only]
Minimum supported server Windows Server 2003 [desktop apps only]
Target Platform Windows
Header wincrypt.h
Library Crypt32.lib
DLL Crypt32.dll

See also


Enhanced Key Usage Functions