CertAddCertificateLinkToStore

This function adds a link in a certificate store to a certificate context in a different store. Instead of creating and adding a duplicate of the certificate context, this function adds a link to the original certificate.

BOOL WINAPI CertAddCertificateLinkToStore(
  HCERTSTORE hCertStore,
  PCCERT_CONTEXT pCertContext,
  DWORD dwAddDisposition,
  PCCERT_CONTEXT* ppStoreContext
); 

Parameters

  • hCertStore
    [in] Handle to the certificate store where the link is to be added.
  • pCertContext
    [in] Pointer to the CERT_CONTEXT structure to be linked.
  • dwAddDisposition
    [in] Specifies the action to take if a matching certificate or a link to a matching certificate already exists in the store. The following table shows the currently defined disposition values and their uses.
    Value Description
    CERT_STORE_ADD_ALWAYS The function makes no check for an existing matching certificate or link to a matching certificate. A new certificate is always added to the store. This can lead to duplicates in a store.
    CERT_STORE_ADD_NEW If a matching certificate or a link to a matching certificate exists, the operation fails. The GetLastError function returns the CRYPT_E_EXISTS code.
    CERT_STORE_ADD_NEWER If a matching certificate or a link to a matching certificate exists, the function compares the NotBefore times on the certificates. If the existing certificate has a NotBefore time less than the NotBefore time on the new certificate, the old certificate or link is replaced just as with CERT_STORE_ADD_REPLACE_EXISTING. If the existing certificate has a NotBefore time greater than or equal to the NotBefore time on the certificate to be added, the function fails with the GetLastError function returning the CRYPT_E_EXISTS code.

    If a matching certificate or a link to a matching certificate is not found in the store, a new certificate is added to the store.

    CERT_STORE_ADD_REPLACE_EXISTING If a link to a matching certificate exists, that existing link is deleted and a new link is created and added to the store. If no matching certificate or link to a matching certificate exists, one is added.
    CERT_STORE_ADD_USE_EXISTING If a matching certificate or a link to a matching certificate exists, the existing certificate is used. The function does not fail, but no new link is added. If no matching certificate or link to a matching certificate exists, a new link is added.
  • ppStoreContext
    [out] Optional. Pointer to a pointer to a copy of the link created. This parameter can be NULL to indicate that a copy of the link is not needed. If a copy of the link is created, that copy must be freed using the CertFreeCertificateContext function.

Return Values

If the function succeeds, the return value is TRUE.

If the function fails, the return value is FALSE.

For extended error information, call the GetLastError function. The following table shows some possible error codes.

Value Description
CRYPT_E_EXISTS For a dwAddDisposition parameter of CERT_STORE_ADD_NEW, the certificate already exists in the store.
E_INVALIDARG An invalid disposition value was specified in the dwAddDisposition parameter.

Remarks

Because the link provides access to the original certificate context, setting an extended property in the linked certificate context changes that extended property in the certificate's original location and in any other links to that certificate.

If links are used and the CertCloseStore function is called with CERT_CLOSE_STORE_FORCE_FLAG, the store using links must be closed before the store containing the original contexts is closed. If CERT_CLOSE_STORE_FORCE_FLAG is not used, the two stores can be closed in either order.

Requirements

OS Versions: Windows CE 3.0 and later.
Header: Wincrypt.h.
Link Library: Crypt32.lib.

See Also

CertCloseStore | CertFreeCertificateContext | CertOpenStore | CertOpenSystemStore | CERT_CONTEXT

 Last updated on Thursday, April 08, 2004

© 1992-2003 Microsoft Corporation. All rights reserved.