CEnroll object
The CEnroll object represents the Certificate Enrollment Control. It is primarily used when programming in Visual Basic or another Automation language.
The CEnroll object exposes the following interfaces:
- Methods
- Properties
Methods
The CEnroll object has these methods.
| Method | Description |
|---|---|
| acceptFilePKCS7 | Accepts and processes a PKCS #7 message containing a certificate, then stores the message to a file. (Inherited from ICEnroll) |
| acceptFileResponse | Accepts delivery of the credentials issued in response to an earlier call to createFileRequest, and it places the credentials in the appropriate store. (Inherited from ICEnroll4) |
| acceptPKCS7 | Accepts and processes a PKCS #7 message containing a certificate. The PKCS #7 is input as a parameter. (Inherited from ICEnroll) |
| AcceptResponse | Accepts delivery of the credentials issued in response to an earlier call to createRequest and places the credentials in the appropriate store. (Inherited from ICEnroll4) |
| addAttributeToRequest | Adds an attribute to the certificate request. (Inherited from ICEnroll4) |
| addCertTypeToRequest | Adds a certificate template to a request (used to support the enterprise certification authority (CA)). (Inherited from ICEnroll2) |
| addCertTypeToRequestEx | Adds a certificate template (or "certificate type") to a request. (Inherited from ICEnroll4) |
| addExtensionToRequest | Adds an extension to the request. (Inherited from ICEnroll4) |
| addNameValuePairToRequest | Adds a name-value string pair to the request. (Inherited from ICEnroll4) |
| addNameValuePairToSignature | Adds the name and value pair of an attribute to the request. It is up to the CA to interpret the meaning of the name-value pair. (Inherited from ICEnroll2) |
| addNameValuePairToSignature | Adds a name-value string pair to the signature. (Inherited from ICEnroll4) |
| binaryToString | Converts a binary data BLOB to a string. (Inherited from ICEnroll4) |
| createFilePFX | Saves the accepted certificate chain and private key in a file in Personal Information Exchange (PFX) format. (Inherited from ICEnroll4) |
| createFilePKCS10 | Creates a base64-encoded PKCS #10 certificate request and saves it in a file. (Inherited from ICEnroll) |
| createFileRequest | Creates a PKCS #10 certificate request, a PKCS #7 request, or a full Certificate Management over CMS (CMC) request and stores it in a file. (Inherited from ICEnroll4) |
| createPFX | Saves the accepted certificate chain and private key in a PFX format string. The PFX format is also known as PKCS #12. (Inherited from ICEnroll4) |
| createPKCS10 | Creates a base64-encoded PKCS #10 certificate request. (Inherited from ICEnroll) |
| createRequest | Creates a PKCS #10, PKCS #7, or full CMC format certificate request and stores it in a string. (Inherited from ICEnroll4) |
| EnumAlgs | Retrieves the IDs of cryptographic algorithms in a given algorithm class that are supported by the current CSP. (Inherited from ICEnroll3) |
| enumContainers | Retrieves the names of the containers for the cryptographic service provider (CSP) specified by the ProviderName property. (Inherited from ICEnroll) |
| enumPendingRequest | Enumerates pending certificate requests and retrieves a specified property from each. (Inherited from ICEnroll4) |
| enumProviders | Retrieves the names of the available CSPs specified by the ProviderType property. (Inherited from ICEnroll) |
| freeRequestInfo | Cleans up the stores if an error occurs. Currently not implemented. (Inherited from ICEnroll) |
| GetAlgName | Retrieves the name of a cryptographic algorithm given its ID. The values retrieved by this method depend on the current CSP. (Inherited from ICEnroll3) |
| getCertFromFileResponse | Retrieves the certificate from a file containing a response from a CA. (Inherited from ICEnroll4) |
| getCertFromPKCS7 | Retrieves the certificate, contained in a PKCS #7 message, that was issued in response to a PKCS #10 certificate request. (Inherited from ICEnroll) |
| getCertFromResponse | Retrieves the certificate from a CA's response. (Inherited from ICEnroll4) |
| GetKeyLen | Retrieves the minimum and maximum key lengths for the signature and exchange keys. (Inherited from ICEnroll3) |
| GetKeyLenEx | Retrieves size information for the signature and exchange keys. (Inherited from ICEnroll4) |
| getProviderType | Retrieves the type of the specified CSP. (Inherited from ICEnroll4) |
| GetSupportedKeySpec | Retrieves information regarding the CSP's support for signature or exchange keys. (Inherited from ICEnroll3) |
| InstallPKCS7 | Processes a certificate or chain of certificates, placing them into the appropriate certificate stores. This method differs from the acceptPKCS7 method in that InstallPKCS7 does not receive a request certificate. (Inherited from ICEnroll3) |
| InstallPKCS7Ex | The same as InstallPKCS7 except that it returns the number of certificates actually installed in local stores. (Inherited from ICEnroll4) |
| removePendingRequest | Removes a pending request from the client's request store. (Inherited from ICEnroll4) |
| Reset | Returns the certificate enrollment control object to its initial state. (Inherited from ICEnroll3) |
| resetAttributes | Removes all attributes from the request. (Inherited from ICEnroll4) |
| resetExtensions | Removes all extensions from the request. (Inherited from ICEnroll4) |
| setPendingRequestInfo | Sets properties for a pending request. (Inherited from ICEnroll4) |
| stringToBinary | Converts an encoded string to a binary data BLOB. (Inherited from ICEnroll4) |
Properties
The CEnroll object has these properties.
| Property | Access type | Description |
|---|---|---|
Read/write |
Sets or retrieves a flag that controls the certificate store when it is opened. (Inherited from ICEnroll) |
|
Read/write |
Sets or retrieves the name of the store where all non-"ROOT" and non-"MY" certificates are kept. (Inherited from ICEnroll) |
|
Read/write |
Sets or retrieves the type of store to use for the store specified by the CAStoreName property. (Inherited from ICEnroll) |
|
Sets or retrieves the client ID request attribute. (Inherited from ICEnroll4) |
||
Read/write |
Sets or retrieves the name of the key container to use. (Inherited from ICEnroll) |
|
Read/write |
Sets or retrieves a Boolean indicator that controls whether dummy certificates in the request store are deleted. (Inherited from ICEnroll) |
|
Read/write |
Sets or retrieves a Boolean value that controls whether the PKCS10 will contain a signed attribute for Secure/Multipurpose Internet Mail Extensions (S/MIME) capabilities. (Inherited from ICEnroll3) |
|
Read/write |
Sets or retrieves a Boolean value that controls whether the distinguished name in the request is encoded as a T61 string instead of as a UNICODE string. (Inherited from ICEnroll2) |
|
Read/write |
Sets or retrieves a flag that controls whether a private key is exportable. (Inherited from ICEnroll) |
|
Read/write |
Sets or retrieves the hash algorithm used when signing a PKCS #10 certificate request. (Inherited from ICEnroll3) |
|
Read/write |
Sets or retrieves only the signature hash algorithm used to sign the PKCS #10. (Inherited from ICEnroll) |
|
Sets or retrieves a Boolean value that controls whether a subject key identifier extension is included in the certificate request. (Inherited from ICEnroll4) |
||
Read/write |
Sets or retrieves the type of key generated. (Inherited from ICEnroll) |
|
Read/write |
Sets or retrieves a Boolean value that controls whether an AT_KEYEXCHANGE request contains digital signature and non-repudiation key usages. (Inherited from ICEnroll3) |
|
Read/write |
Sets the registry location used for the MY store. (Inherited from ICEnroll) |
|
Read/write |
Sets or retrieves the name of the store where certificates with linked private keys are kept. (Inherited from ICEnroll) |
|
Read/write |
Sets or retrieves the type of store specified by the MyStoreName property. (Inherited from ICEnroll) |
|
Read/write |
Sets or retrieves the certificate that is used to archive a private key with a PKCS #7 or CMC request. (Inherited from ICEnroll4) |
|
Read/write |
Sets or retrieves the CSP type. (Inherited from ICEnroll) |
|
Read/write |
Sets or retrieves the name of the CSP to use. (Inherited from ICEnroll) |
|
Read/write |
Sets or retrieves the type of provider. (Inherited from ICEnroll) |
|
Read/write |
Sets or retrieves the name of the file that will contain exported keys. (Inherited from ICEnroll) |
|
Read/write |
Sets or retrieves the registry location used for the REQUEST store. (Inherited from ICEnroll) |
|
Read/write |
Sets or retrieves the name of the store that contains the dummy certificate. This dummy certificate, along with the added private keys, remains in the request store until a certification authority processes the request and responds with a PKCS #7. (Inherited from ICEnroll) |
|
Read/write |
Sets or retrieves the type of store to use for the store specified by the RequestStoreName property. (Inherited from ICEnroll) |
|
Read/write |
Sets or retrieves a Boolean value that determines the action taken by the certificate enrollment control object if an error is encountered when generating a new key. (Inherited from ICEnroll3) |
|
Read/write |
Sets or retrieves the registry location used for the ROOT store. (Inherited from ICEnroll) |
|
Read/write |
Sets or retrieves the name of the root store where all intrinsically trusted self-signed ROOT certificates are kept. (Inherited from ICEnroll) |
|
Read/write |
Sets or retrieves the type of store to use for the store specified by the RootStoreName property. (Inherited from ICEnroll) |
|
Sets the signing certificate. (Inherited from ICEnroll4) |
||
Read/write |
Sets or retrieves the name of the file to write the resulting base64-encoded PKCS #7 (in BSTR form) as returned from the certification authority. (Inherited from ICEnroll) |
|
Read/write |
Sets or retrieves a hash of the certificate data. (Inherited from ICEnroll4) |
|
Read/write |
Sets or retrieves a Boolean value that indicates whether the existing keys should be used. (Inherited from ICEnroll) |
|
Read/write |
Sets or retrieves a Boolean value that indicates whether a certificate should be written to the CSP. (Inherited from ICEnroll) |
|
Read/write |
Sets or retrieves a Boolean value that controls whether the certificate is written to the user's Active Directory store. (Inherited from ICEnroll2) |
Requirements
Minimum supported client |
Windows XP [desktop apps only] |
Minimum supported server |
Windows Server 2003 [desktop apps only] |