Certificate Enrollment API


The Certificate Enrollment API can be used to create a client application to request a certificate and install a certificate response. This API is implemented in CertEnroll.dll beginning with Windows Vista; it replaces Xenroll.dll.

Developer audience

The Certificate Enrollment API is for use by developers of applications that will enable users to create, request, and retrieve certificates over media, such as the Internet or an intranet, that are not inherently secure. Developers should be familiar with the C and C++ programming languages, the Component Object Model (COM), and the Windows-based programming environment. Although not required, an understanding of cryptography and public key infrastructure is advised.

Run-time requirements

The Certificate Enrollment API is supported beginning with Windows Server 2008 and Windows Vista. For information about run-time requirements for a particular programming element, see the Requirements section of the reference page for that element.

In this section

Topic Description
About the Certificate Enrollment API
Key concepts about certificate requests are discussed.
Using the Certificate Enrollment API
How to use the Certificate Enrollment API to extend the capabilities of Active Directory Certificate Services.
Certificate Enrollment API Reference
Detailed descriptions of interfaces, enumerations, and other programming elements that can be used to enroll a user or computer in a certificate hierarchy.