Export (0) Print
Expand All

ICertServerPolicy interface

The ICertServerPolicy interface allows the policy module to communicate with Certificate Services.

Note  Certificate Services communicates with the policy module through the ICertPolicy2 interface.

The ICertServerPolicy interface is exported by the server engine and is called by the policy module to perform the following tasks:

  • Specify which certificate request is used as the current context for subsequent operations.
  • Enumerate and retrieve the extensions (including extension flags) of a certificate request, and set the extensions of the issued certificate.
  • Enumerate and retrieve request attributes.
  • Retrieve certificate request properties.
  • Retrieve and set certificate properties.

From the time the ICertPolicy::VerifyRequest method is called until it returns, the unresolved request and certificate under construction can be accessed through a Context data object. Because the policy module can add to or override request properties by calling ICertServerPolicy::SetCertificateProperty, certificate properties can differ from request properties.

ICertServerPolicy is defined in Certif.h. When you create your program, however, use Certsrv.h as the include file. Certcli.dll provides the ICertServerPolicy interface. The type information for this interface is also in Certclil.dll, which is shipped with the Platform Software Development Kit (SDK).

Certificate Services interfaces support both apartment-threading and free-threading models. For better throughput, free threading is recommended.

Members

The ICertServerPolicy interface inherits from the IDispatch interface. ICertServerPolicy also has these types of members:

Methods

The ICertServerPolicy interface has these methods.

MethodDescription
EnumerateAttributes

Retrieves the name of the current attribute and moves the internal enumeration pointer to the next attribute.

EnumerateAttributesClose

Frees the resources connected with attribute enumeration.

EnumerateAttributesSetup

Initializes the internal enumeration pointer to the first request attribute associated with the current context.

EnumerateExtensions

Retrieves the OID of the current extension and moves the internal enumeration pointer to the next extension.

EnumerateExtensionsClose

Frees the resources connected with extension enumeration.

EnumerateExtensionsSetup

Initializes the internal enumeration pointer to the first certificate extension associated with the current context.

GetCertificateExtension

Retrieves a specific certificate extension.

GetCertificateExtensionFlags

Retrieves the flags associated with the extension acquired by the most recent call to GetCertificateExtension.

GetCertificateProperty

Returns a named certificate property.

GetRequestAttribute

Returns a named request attribute.

GetRequestProperty

Retrieves a specific property from a request.

SetCertificateExtension

Adds a new extension to the certificate to be issued for the current context.

SetCertificateProperty

Causes the server engine to add a named property to a certificate.

SetContext

Specifies the certificate request to be used as the context for subsequent calls to Certificate Services.

 

Requirements

Minimum supported client

None supported

Minimum supported server

Windows Server 2003 [desktop apps only]

Header

Certif.h (include Certsrv.h)

Library

Certidl.lib

DLL

Certcli.dll

IID

IID_ICertServerPolicy is defined as AA000922-FFBE-11CF-8800-00A0C903B83C

See also

ICertRequest
ICertPolicy::VerifyRequest
ICertRequest::Submit
ICertAdmin::ResubmitRequest
ICertAdmin::SetRequestAttributes

 

 

Community Additions

ADD
Show:
© 2014 Microsoft