ICertSrvSetup::GetExistingCACertificates method (casetup.h)
The GetExistingCACertificates method gets the collection of CertSrvSetupKeyInformation objects that represent valid certification authority (CA) certificates currently installed on the computer. This method does not change the state of the CCertSrvSetup object.
Syntax
HRESULT GetExistingCACertificates(
[out] ICertSrvSetupKeyInformationCollection **ppVal
);
Parameters
[out] ppVal
The address of a pointer to an ICertSrvSetupKeyInformationCollection interface that can be used to access information for the set of valid CA certificates installed in the "LocalMachine" store.
Return value
None
Remarks
The CertSrvSetupKeyInformationCollection object contains valid certificates. A certificate is considered valid if it satisfies the following criteria:
- Contains an AT_SIGNATURE key that matches the key in the private key container.
- Is self-signed or has basic constraints for a CA.
- Passes chain validation but might have an offline revocation error.
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | None supported |
| Minimum supported server | Windows Server 2008 [desktop apps only] |
| Target Platform | Windows |
| Header | casetup.h |
| DLL | Certocm.dll |