IX509CertificateRequestPkcs10 interface (certenroll.h)
The IX509CertificateRequestPkcs10 interface represents a PKCS #10 certificate request. The public key cryptography standard (PKCS) #10 defines the format of messages sent to a certification or registration authority to request a public-key certificate.
A PKCS #10 ASN.1 request object contains a version identifier, the subject name, a public key and a set of attributes as shown by the following syntax example.
--------------------------------------------------------------------
-- Certificate request.
--------------------------------------------------------------------
CertificationRequestInfo ::= SEQUENCE
{
version CertificationRequestInfoVersion,
subject Name,
subjectPublicKeyInfo SubjectPublicKeyInfo,
attributes [0] IMPLICIT Attributes
}
-------------------------------------------------------
-- Version number.
-------------------------------------------------------
CertificationRequestInfoVersion ::= INTEGER
-------------------------------------------------------
-- Subject distinguished name (DN).
-------------------------------------------------------
Name ::= SEQUENCE OF RelativeDistinguishedName
RelativeDistinguishedName ::= SET OF AttributeTypeValue
AttributeTypeValue ::= SEQUENCE
{
type EncodedObjectID,
value ANY
}
-------------------------------------------------------
-- Public key information.
-------------------------------------------------------
SubjectPublicKeyInfo ::= SEQUENCE
{
algorithm AlgorithmIdentifier,
subjectPublicKey BITSTRING
}
-------------------------------------------------------
-- Attributes.
-------------------------------------------------------
Attributes ::= SET OF Attribute
Attribute ::= SEQUENCE
{
type EncodedObjectID,
values AttributeSetValue
}
The CertificationRequestInfo ASN.1 object is wrapped in a CertificationRequest object as shown by the following syntax. The CertificationRequest object also includes the signature and the signature algorithm. A PKCS #10 request must be signed by the associated private key or null-signed if it is a cross-certification request. You can call the RawData property to retrieve the signed CertificationRequest object, and you can call the RawDataToBeSigned property to retrieve the unsigned CertificationRequestInfo object.
--------------------------------------------------------------------
-- Certificate request.
--------------------------------------------------------------------
CertificationRequest ::= SEQUENCE
{
certificationRequestInfo CertificationRequestInfo,
signatureAlgorithm AlgorithmIdentifier,
signature BIT STRING
}
--------------------------------------------
-- Algorithm Identifier
--------------------------------------------
AlgorithmIdentifier ::= SEQUENCE
{
algorithm EncodedObjectID,
parameters ANY OPTIONAL
}
The following properties can be set before calling the Encode method:
- AlternateSignatureAlgorithm
- ClientId
- HashAlgorithm
- ParentWindow
- RenewalCertificate
- Silent
- SuppressDefaults
- UIContextMessage
The following properties must be set, if at all, before calling the Encode method:
Inheritance
The IX509CertificateRequestPkcs10 interface inherits from IX509CertificateRequest. IX509CertificateRequestPkcs10 also has these types of members:
Methods
The IX509CertificateRequestPkcs10 interface has these methods.
| IX509CertificateRequestPkcs10::CheckSignature Verifies that the certificate request has been signed and that the signature is valid. (IX509CertificateRequestPkcs10.CheckSignature) |
| IX509CertificateRequestPkcs10::get_CriticalExtensions Retrieves an IObjectIds collection that identifies the version 3 certificate extensions marked as critical. (IX509CertificateRequestPkcs10.get_CriticalExtensions) |
| IX509CertificateRequestPkcs10::get_CryptAttributes Retrieves an ICryptAttributes collection of optional certificate attributes. (IX509CertificateRequestPkcs10.get_CryptAttributes) |
| IX509CertificateRequestPkcs10::get_CspStatuses Retrieves a collection of ICspStatus objects that matches the intended use of the private key associated with the certificate request. |
| IX509CertificateRequestPkcs10::get_KeyContainerNamePrefix Specifies or retrieves a prefix used to create the container name for a new private key. (Get) |
| IX509CertificateRequestPkcs10::get_NullSigned Retrieves a Boolean value that indicates whether the certificate request is null-signed. |
| IX509CertificateRequestPkcs10::get_OldCertificate Retrieves the certificate passed to the InitializeFromCertificate method. |
| IX509CertificateRequestPkcs10::get_PrivateKey Retrieves an IX509PrivateKey object that contains the private key used to sign the certificate request. |
| IX509CertificateRequestPkcs10::get_PublicKey Retrieves the IX509PublicKey object that contains the public key included in the certificate request. |
| IX509CertificateRequestPkcs10::get_RawDataToBeSigned Retrieves the unsigned certificate request created by the Encode method. |
| IX509CertificateRequestPkcs10::get_ReuseKey Retrieves a Boolean value that indicates whether an existing private key was used to sign the request. |
| IX509CertificateRequestPkcs10::get_Signature Retrieves the request signature created by the Encode method. |
| IX509CertificateRequestPkcs10::get_SignatureInformation Retrieves the IX509SignatureInformation object that contains information about the certificate request signature. |
| IX509CertificateRequestPkcs10::get_SmimeCapabilities Specifies or retrieves a Boolean value that tells the Encode method whether to create an IX509ExtensionSmimeCapabilities collection that identifies the encryption capabilities supported by the computer. (Get) |
| IX509CertificateRequestPkcs10::get_Subject Specifies or retrieves the X.500 distinguished name of the entity requesting the certificate. (Get) |
| IX509CertificateRequestPkcs10::get_SuppressOids Retrieves a collection of the default extension and attribute object identifiers (OIDs) that were not added to the request when the request was encoded. |
| IX509CertificateRequestPkcs10::get_TemplateObjectId Retrieves the object identifier (OID) of the template used to create the certificate request. (IX509CertificateRequestPkcs10.get_TemplateObjectId) |
| IX509CertificateRequestPkcs10::get_X509Extensions Retrieves a collection of the extensions included in the certificate request. (IX509CertificateRequestPkcs10.get_X509Extensions) |
| IX509CertificateRequestPkcs10::GetCspStatuses Retrieves an ICspStatuses collection that contains all provider/algorithm pairs consistent with the intended use of the private key as specified by the caller. |
| IX509CertificateRequestPkcs10::InitializeDecode Decodes an existing signed or unsigned PKCS (IX509CertificateRequestPkcs10.InitializeDecode) |
| IX509CertificateRequestPkcs10::InitializeFromCertificate Initializes the certificate request by using an existing certificate. (IX509CertificateRequestPkcs10.InitializeFromCertificate) |
| IX509CertificateRequestPkcs10::InitializeFromPrivateKey Initializes the certificate request by using an IX509PrivateKey object and, optionally, a template. |
| IX509CertificateRequestPkcs10::InitializeFromPublicKey Initializes a null-signed certificate request by using an IX509PublicKey object and, optionally, a template. |
| IX509CertificateRequestPkcs10::InitializeFromTemplateName . (IX509CertificateRequestPkcs10.InitializeFromTemplateName) |
| IX509CertificateRequestPkcs10::IsSmartCard Retrieves a Boolean value that indicates whether any of the cryptographic providers associated with the request object is a smart card provider. |
| IX509CertificateRequestPkcs10::put_KeyContainerNamePrefix Specifies or retrieves a prefix used to create the container name for a new private key. (Put) |
| IX509CertificateRequestPkcs10::put_SmimeCapabilities Specifies or retrieves a Boolean value that tells the Encode method whether to create an IX509ExtensionSmimeCapabilities collection that identifies the encryption capabilities supported by the computer. (Put) |
| IX509CertificateRequestPkcs10::put_Subject Specifies or retrieves the X.500 distinguished name of the entity requesting the certificate. (Put) |
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows Vista [desktop apps only] |
| Minimum supported server | Windows Server 2008 [desktop apps only] |
| Target Platform | Windows |
| Header | certenroll.h |