Historical Content Alert
This is a historical content for Windows NT 4.0 product and is presented for informative purposes only. All content in this directory is copyrighted and owned by Microsoft.Certificate Enrollment Control Properties
The setting of specific properties modifies the behavior of some methods. Each property is read/write, has an initialized default, and a set of acceptable values. While a property may be set at anytime, for them to have effect, they should be set before calls to the methods for which they are to control behavior.
| Property | Description |
|---|---|
| CAStoreFlags | The CAStoreFlags are passed directly to CertOpenStore when the Certification Authority (CA) store is opened. |
| CAStoreName | The CAStoreName property specifies where all non-"ROOT" and non-"MY" certificates are kept. |
| CAStoreType | The CAStoreType property specifies the type of store to use for the store specified by the CAStoreName property. |
| ContainerName | The ContainerName property specifies the name of the key container to use. |
| DeleteRequestCert | The DeleteRequestCert property is used to control whether deletion occurs on a dummy certificate created for the purpose of persisting the keys generated for the PKCS 10 request for a certificate to be issued. |
| GenKeyFlags | The GenKeyFlags are passed directly to calls made to CryptGenKey. |
| HashAlgorithm | The HashAlgorithm refers only to the signature hash algorithm used to sign the PKCS 10. |
| KeySpec | The KeySpec is used to specify the key type to be generated. |
| MyStoreFlags | The MyStoreFlags are passed directly to CertOpenStore when the MY store is opened. |
| MyStoreName | The MyStoreName property specifies where certificates with linked private keys are kept. |
| MyStoreType | The MyStoreType property specifies the type of store to use for the store specified by the MyStoreName property. |
| ProviderFlags | The ProviderFlags is dependent on the provider in use. |
| ProviderName | The ProviderName property specifies the cryptographic service provider (CSP) to use. |
| ProviderType | The ProviderType is dependent on the provider in use. |
| PVKFileName | If the cryptographic service provider can support exporting of private keys, and it is desired to do so, setting the PVKFileName property will attempt to generate the private keys as exportable and write the private key (as well as the public key) to the file specified by the PVKFileName property. |
| RequestStoreFlags | The RequestStoreFlags are passed directly to CertOpenStore when the REQUEST store is opened. |
| RequestStoreName | The RequestStoreName property specifies the certificate store used to store the dummy certificate to which the private keys have been added, until a certificate server processes the request and responds with a PKCS 7. |
| RequestStoreType | The RequestStoreType property specifies the type of store to use for the store specified by the RequestStoreName property. |
| RootStoreFlags | The RootStoreFlags are passed directly to CertOpenStore when the ROOT store is opened. |
| RootStoreName | The RootStoreName property specifies where all intrinsically trusted self-signed ROOT certificates are kept. |
| RootStoreType | The RootStoreType property specifies the type of store to use for the store specified by the RootStoreName property. |
| SPCFileName | The SPCFileName property specifies a file to write the resulting PKCS 7 (in BSTR form) as returned from the Certificate Server. |
| UseExistingKeySet | The UseExistingKeySet property must be set to TRUE if an existing key set is to be used instead of generating a new one. |
| WriteCertToCSP | The WriteCertToCSP property specifies whether a certificate can be written to the cryptographic service provider. |