Store.Open method

[The Open method is available for use in the operating systems specified in the Requirements section. Instead, use the X509Store Class in the System.Security.Cryptography.X509Certificates namespace.]

The Open method opens a specified certificate store. By default, the CAPICOM_CURRENT_USER_STORE location and CAPICOM_MY_STORE store are opened as read-only.

Syntax

Store.Open( _
  [ ByVal StoreLocation ], _
  [ ByVal StoreName ], _
  [ ByVal OpenMode ] _
)

Parameters

StoreLocation [in, optional]

A value of the CAPICOM_STORE_LOCATION enumeration that indicates the location of the store to be opened. The default value is CAPICOM_CURRENT_USER_STORE. This parameter can be one of the following values.

Value Meaning
CAPICOM_ACTIVE_DIRECTORY_USER_STORE
The store is an Active Directory store. No error will be generated if an Active Directory store is opened as read/write, but any changes to the store will not be persisted. Certificates cannot be added to or removed from Active Directory stores.
CAPICOM_CURRENT_USER_STORE
The store is a current user store. A current user store may be a read/write store. If it is, changes in the contents of the store are persisted.
CAPICOM_LOCAL_MACHINE_STORE
The store is a local computer store. Local computer stores can be read/write stores only if the user has read/write permissions. If the user has read/write permissions and if the store is opened read/write, then changes in the contents of the store are persisted.
CAPICOM_MEMORY_STORE
The store is a memory store. Any changes in the contents of the store are not persisted.
CAPICOM_SMART_CARD_USER_STORE
The store is the group of present smart cards. Introduced in CAPICOM 2.0.

 

StoreName [in, optional]

A string that contains the name of the system certificate store to be opened. The default value is CAPICOM_MY_STORE. If the store is opened from a web script, the backslash (\) character is not allowed in the name. In addition to stores defined by the system, user-defined stores can be opened.

This parameter can be a user-defined store or one of the following system certificate stores.

Value Meaning
CAPICOM_CA_STORE
CA store. This store is used to store intermediate CA certificates.
CAPICOM_MY_STORE
My store. This store is used for a user's personal certificates.
CAPICOM_OTHER_STORE
AddressBook store. This store is used to keep the certificates of others.
CAPICOM_ROOT_STORE
Root store. This store is used to store the root CA and self-signed, trusted certificates.

 

OpenMode [in, optional]

A value of the CAPICOM_STORE_OPEN_MODE enumeration that indicates the open mode of the store. The default value is CAPICOM_STORE_OPEN_READ_ONLY. If the store is opened from a web script, this value is forced to CAPICOM_STORE_OPEN_EXISTING_ONLY. This parameter can be one of the following values.

Value Meaning
CAPICOM_STORE_OPEN_MAXIMUM_ALLOWED
Open the store in read/write mode if the user has read/write permissions; otherwise, open the store in read-only mode.
CAPICOM_STORE_OPEN_READ_ONLY
Open the store in read-only mode.
CAPICOM_STORE_OPEN_READ_WRITE
Open the store in read/write mode.

 

The following flags can be combined with the values in the previous table by using a logical-OR operation.

Value Meaning
CAPICOM_STORE_OPEN_EXISTING_ONLY
Open existing stores only; do not create a new store. Introduced in CAPICOM 2.0.
CAPICOM_STORE_OPEN_INCLUDE_ARCHIVED
Include archived certificates when using the store. Introduced in CAPICOM 2.0.

 

Stores in some locations can be opened only in read-only mode. These include all stores in CAPICOM_LOCAL_MACHINE_STORE for which the user does not have write permissions. Attempts to open a store as a read/write store without proper access and permissions will result in the failure of the Open method. Active Directory stores can be opened as a read/write store without failure of the Open method, but changes to the store will not be persisted.

Return value

This method does not return a value.

Remarks

If this method is called on a SmartCard store, additional SmartCard user interfaces may be invoked.

Important

When this method is called from a web script, the script needs to access digital certificates on the local computer. If you allow the script to access your digital certificates, the website from which the script is run will also gain access to any personal information stored in the certificates. The first time this method is called from a particular domain, a dialog box is generated in which the user must indicate whether access to the certificates should be allowed. Stores opened from a web script automatically force the CAPICOM_STORE_OPEN_EXISTING_ONLY flag.

 

If StoreLocation is CAPICOM_SMART_CARD_USER_STORE, StoreName is ignored. In this case, CAPICOM reads all certificates from all available readers that contain a smart card.

Requirements

Requirement Value
Redistributable
CAPICOM 2.0 or later on Windows Server 2003 and Windows XP
DLL
Capicom.dll

See also

Store

Cryptography Objects

Close