Sysadmins LV
Vadims Podāns
Vadims Podāns
  • I work at
PKI Solutions
Microsoft Most Valuable Professional: Windows PowerShell
Protected by Copyscape DMCA Takedown Notice Search Tool

Historical Content Alert

This is a historical content for Windows NT 4.0 product and is presented for informative purposes only. All content in this directory is copyrighted and owned by Microsoft.

SetCertificateExtension

The SetCertificateExtension method adds a new extension to the certificate to be issued.

[VB] void SetCertificateExtension(
  BSTR strExtensionName,  
  long Type,              
  long ExtFlags,          
  VARIANT pvarValue       
);
 
[JAVA] void SetCertificateExtension(
  java.lang.String strExtensionName,  
  int Type,                           
  int ExtFlags,                       
  com.ms.Variant pvarValue            
);
 
[C++] HRESULT SetCertificateExtension(
  BSTR const strExtensionName,  // in
  LONG Type,                 // in
  LONG ExtFlags,             // in
  VARIANT const * pvarValue  // in
);

Parameters

[VB][JAVA][C++] strExtensionName
Specifies the Object ID (OID) for the extension to set. In this release the string must be 31 or less non-null characters in length.
[VB][JAVA][C++] Type
Specifies the type of extension being set. The Type parameter must agree with the data type of pvarValue that is set in the vt field of the VARIANT structure. See Data Types. The Type parameter can be set to one of the following types.
Type Description
PROPTYPE_LONG Signed long data
PROPTYPE_DATE Date / Time
PROPTYPE_BINARY Binary data
PROPTYPE_STRING String data


[VB][JAVA][C++] ExtFlags
Specifies the flags for the extension being set. Use a value of 0 if no flag is to be set, or one of the following flag values.
Flag Value Explanation
EXTENSION_CRITICAL_FLAG This is a critical extension
EXTENSION_DISABLE_FLAG Extension will not be used

Note When ExtFlags is set to EXTENSION_DISABLE_FLAG, the extension will be disabled in the Server Log but will not be added to the certificate.

[VB][JAVA][C++] pvarValue
Specifies the value associated with the extension. Must be in decimal format or is assumed to be a string .

Return Values

This method does not return a value.

Comments

The following C++ code sets a revocation URL string and extension critical flag into the certificate:

HRESULT hr;
BSTR strExtensionName = SysAllocString("2.29.38.4");
VARIANT varExt;
varExt.vt = VT_BSTR;    // initialize type tag field
varExt.bstrVal = SysAllocString("http://UrlTest.htm");

hr = pICertServerPolicy->SetCertificateExtension(
    strExtensionName,      // extension name
    PROPTYPE_STRING,
    EXTENSION_CRITICAL_FLAG,
    &varExt);

// Use the strAttributeValue ...

// free it when done
if (NULL != strExtensionName)
{
    SysFreeString(strExtensionName);
}
VariantClear(&varExt);

Also see Setting Certificate Extensions.

Share this article: