Export (0) Print
Expand All

InstallResponseRestrictionFlags enumeration

The InstallResponseRestrictionFlags enumeration contains flags that identify the restrictions placed on the local installation of a certificate chain. This enumeration is used by the InstallResponse method on the IX509Enrollment interface.

Syntax


typedef enum  { 
  AllowNone                  = 0x00000000,
  AllowNoOutstandingRequest  = 0x00000001,
  AllowUntrustedCertificate  = 0x00000002,
  AllowUntrustedRoot         = 0x00000004
} InstallResponseRestrictionFlags;

Constants

AllowNone

Does not allow the installation of untrusted certificates or certificates for which there is no corresponding request.

AllowNoOutstandingRequest

Creates the private key from the certificate response rather than from the dummy certificate. This makes the dummy certificate optional. If this value is not set, the dummy certificate must exist, and the private key is extracted from it.

AllowUntrustedCertificate

Installs untrusted end entity and certification authority certificates. Certification authority certificates include root and subordinate certification authority certificates. End entity certificates are installed to the personal store, and certification authority certificates are installed to the certification authority store.

AllowUntrustedRoot

Performs the same action as the AllowUntrustedCertificate flag but also installs the certificate even if the certificate chain cannot be built because the root is not trusted.

Note  On Windows Vista, the behavior of this flag is the same as that defined for the AllowUntrustedCertificate flag. You can install an untrusted root beginning with Windows Vista with SP1.

Requirements

Minimum supported client

Windows Vista [desktop apps only]

Minimum supported server

Windows Server 2008 [desktop apps only]

Header

CertEnroll.h

See also

CertEnroll Enumerations
CertEnroll Interfaces
InstallResponse

 

 

Community Additions

ADD
Show:
© 2014 Microsoft