Edit

Share via

IX509CertificateRequestCmc2::InitializeFromInnerRequestTemplate method (certenroll.h)

  • Article

The InitializeFromInnerRequestTemplate method initializes the certificate request from an inner request object and a template.

Syntax

HRESULT InitializeFromInnerRequestTemplate(
  [in] IX509CertificateRequest     *pInnerRequest,
  [in] IX509EnrollmentPolicyServer *pPolicyServer,
  [in] IX509CertificateTemplate    *pTemplate
);

Parameters

[in] pInnerRequest

Pointer to an IX509CertificateRequest interface that represents the inner request object. This can be a PKCS #10 or a CMC request.

[in] pPolicyServer

Pointer to an IX509EnrollmentPolicyServer object that represents the certificate enrollment policy (CEP) server that contains the template specified by the pTemplate parameter.

[in] pTemplate

Pointer to an IX509CertificateTemplate object that represents the template to use during initialization.

Return value

If the function succeeds, the function returns S_OK.

If the function fails, it returns an HRESULT value that indicates the error. Possible values include, but are not limited to, those in the following table. For a list of common error codes, see Common HRESULT Values.

Return code/value Description
CRYPT_E_INVALID_MSG_TYPE
 The request object passed to the pInnerRequest parameter must be a PKCS #10 or a CMC request.
E_POINTER
 The pInnerRequest, pPolicyServer, and pTemplate parameters cannot be NULL.
HRESULT_FROM_WIN32(ERROR_ALREADY_INITIALIZED)
 The request object has already been initialized.

Remarks

By specifying a template, you can add information to the outer request object that may not be contained in the inner request. For example, if the inner request does not contain the necessary extensions, you can supply a template that does.

The InitializeFromInnerRequestTemplate method:

  • Creates an empty ICryptAttributes collection.
  • Creates an empty IX509NameValuePairs collection.
  • Creates an empty IX509Extensions collection.
  • Creates an IObjectIds collection for critical extensions and adds the XCN_OID_KEY_USAGE and XCN_OID_BASIC_CONSTRAINTS2 object identifiers (OIDs).
  • Creates an empty IObjectIds collection of OIDs to be suppressed from the request object.
  • Creates an empty ISignerCertificates collection.
  • Retrieves private key flags from the template.
  • Sets the ArchivePrivateKey property if required by the template flags or settings.
  • Retrieves the encryption algorithm from the template if one is specified and sets the EncryptionAlgorithm property.
  • Sets the EncryptionStrength property if possible.

Requirements

Requirement Value
Minimum supported client Windows 7 [desktop apps only]
Minimum supported server Windows Server 2008 R2 [desktop apps only]
Target Platform Windows
Header certenroll.h

See also

IX509CertificateRequestCmc2