Historical Content Alert

This is a historical content for Windows NT 4.0 product and is presented for informative purposes only. All content in this directory is copyrighted and owned by Microsoft.


The SetCertificateExtension method adds a new extension to the certificate to be issued.

[VB] void SetCertificateExtension(
  BSTR strConfig,         
  long RequestId,         
  BSTR strExtensionName,  
  long Type,              
  long Flags,             
  VARIANT pvarValue       
[JAVA] void SetCertificateExtension(
  java.lang.String strConfig,         
  int RequestId,                      
  java.lang.String strExtensionName,  
  int Type,                           
  int Flags,                          
  com.ms.Variant pvarValue            
[C++] HRESULT SetCertificateExtension(
  BSTR const strConfig,      // in
  LONG RequestId,            // in
  BSTR const strExtensionName,  // in
  LONG Type,                 // in
  LONG Flags,                // in
  VARIANT const * pvarValue  // in


[VB][JAVA][C++] strConfig
Points to a valid configuration string for the certificate server. See ICertConfig::GetConfig.
[VB][JAVA][C++] RequestId
Specifies the ID of the request to resubmit.
[VB][JAVA][C++] strExtensionName
Specifies the Object ID (OID) for the extension to set. In this release the string must be 31 or less non-null characters in length.
[VB][JAVA][C++] Type
Specifies the type of extension being set. The Type parameter must agree with the data type of pvarValue that is set in the vt field of the VARIANT structure. See Data Types. The Type parameter can be set to one of the following.
Type Description
PROPTYPE_LONG Signed long data

[VB][JAVA][C++] Flags
Specifies the flags for the extension being set. Use a value of 0 if no flag is to be set, or one of the following flag values.
Flag Value Explanation
EXTENSION_CRITICAL_FLAG This is a critical extension
EXTENSION_DISABLE_FLAG Extension will not be used

Note When ExtFlags is set to EXTENSION_DISABLE_FLAG, the extension will be disabled in the Server Log but will not be added to the certificate.

[VB][JAVA][C++] pvarValue
Specifies the value associated with the extension.

Return Values

This method does not return a value.


The following C++ code sets a revocation URL string and extension critical flag into the certificate:

BSTR strExtensionName = SysAllocString("");
varExt.vt = VT_BSTR;    // initialize type tag field
varExt.bstrVal = SysAllocString("http://UrlTest.htm");

hr = pICertServerPolicy->SetCertificateExtension(
    strConfig,             // assume previously set
RequestId, // assume previously set
strExtensionName, // extension name PROPTYPE_STRING, EXTENSION_CRITICAL_FLAG, &varExt); // Use the strAttributeValue ... // free it when done if (NULL != strExtensionName) { SysFreeString(strExtensionName); } VariantClear(&varExt);

Share this article: