Obtention d’un certificat pour Schannel
L’exemple suivant montre les étapes permettant d’obtenir une structure CERT_CONTEXT qui contient un certificat ; vous devez sélectionner un magasin de certificats et de certificats appropriés pour votre application.
Cet exemple illustre l’ouverture d’un magasin de certificats et la recherche d’un certificat qui sera passé à la fonction AcquireCredentialsHandle , au moyen de la structure SCHANNEL_CRED .
#include <windows.h>
#include <stdio.h>
#pragma comment(lib, "crypt32.lib")
#define MACHINE_NAME "example server"
PCCERT_CONTEXT getServerCertificate ()
{
HCERTSTORE hMyCertStore = NULL;
PCCERT_CONTEXT aCertContext = NULL;
//-------------------------------------------------------
// Open the My store, also called the personal store.
// This call to CertOpenStore opens the Local_Machine My
// store as opposed to the Current_User's My store.
hMyCertStore = CertOpenStore(CERT_STORE_PROV_SYSTEM,
X509_ASN_ENCODING,
0,
CERT_SYSTEM_STORE_LOCAL_MACHINE,
L"MY");
if (hMyCertStore == NULL)
{
printf("Error opening MY store for server.\n");
goto cleanup;
}
//-------------------------------------------------------
// Search for a certificate with some specified
// string in it. This example attempts to find
// a certificate with the string "example server" in
// its subject string. Substitute an appropriate string
// to find a certificate for a specific user.
aCertContext = CertFindCertificateInStore(hMyCertStore,
X509_ASN_ENCODING,
0,
CERT_FIND_SUBJECT_STR_A,
MACHINE_NAME, // use appropriate subject name
NULL
);
if (aCertContext == NULL)
{
printf("Error retrieving server certificate.");
goto cleanup;
}
cleanup:
if(hMyCertStore)
{
CertCloseStore(hMyCertStore,0);
}
return aCertContext;
}