Writing Custom Exit Modules

Custom exit modules must implement the ICertExit interface, which is called by the server engine. The ICertExit::Initialize method is called by the server engine when the exit module is loaded. It allows the exit module to perform initialization and returns a value that informs the server engine of the kinds of events for which it wants notification. The ICertExit::GetDescription method must return a description string when the server engine requests it. The ICertExit::Notify method is called by the server engine to notify the exit module that an event has occurred.

Exit modules can call the ICertServerExit interface, which supports many of the same methods as the ICertServerPolicy interface, with the exception of the SetCertificateExtension and SetCertificateProperty methods.

For information about removing the existing exit module and installing a new one, see the Exit Module Customization topic in Help.