IEnroll::createPKCS10WStr method (xenroll.h)
[This method is no longer available for use as of Windows Server 2008 and Windows Vista.]
The createPKCS10WStr method creates a base64-encoded PKCS #10 certificate request. This method was first defined in the IEnroll interface.
This base64-encoded PKCS #10 certificate request (in BSTR form) can be submitted to a certification authority to request that a certificate be issued to the person or entity whose information it contains.
Syntax
HRESULT createPKCS10WStr(
[in] LPCWSTR DNName,
[in] LPCWSTR Usage,
[out] PCRYPT_DATA_BLOB pPkcs10Blob
);
Parameters
[in] DNName
A null-terminated Unicode string that contains the distinguished name (DN) of the entity for which the request is being made. In this parameter, the DN name must follow the X.500 naming convention. For example "CN=User, O=Microsoft". If a two-letter prefix does not exist, an object identifier (OID) may be provided instead.
[in] Usage
A null-terminated Unicode string that contains an OID that describes the purpose of the certificate being generated. For example, Individual or Commercial Authenticode certificate, or Client Authentication. You can also specify multiple OIDs separated by a comma.
The OID is passed through to the PKCS #10 request. For general extensibility and ease of understanding, the control does not attempt to understand specific-purpose OIDs. Therefore if you specify a Client Authentication OID, the generated key will still be a signature key, not an exchange key.
[out] pPkcs10Blob
A pointer to a CRYPT_DATA_BLOB that receives the base64-encoded PKCS10 certificate request.
When you have finished using this memory, free it by passing the pbData member of this structure to the CoTaskMemFree function.
Return value
If the method succeeds, the method returns S_OK and pPkcs10Blob contains a base64-encoded PKCS #10 request that can be directly posted to a web server for processing.
If the method fails, it returns an HRESULT value that indicates the error. For a list of common error codes, see Common HRESULT Values.
Remarks
By default, the Microsoft Base Cryptographic Provider is used, PROV_RSA_FULL is the provider type, a signature key is created, and a unique new key set is created.
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows XP [desktop apps only] |
| Minimum supported server | Windows Server 2003 [desktop apps only] |
| Target Platform | Windows |
| Header | xenroll.h |
| Library | Uuid.lib |
| DLL | Xenroll.dll |