ICertServerPolicy interface
The ICertServerPolicy interface allows the policy module to communicate with Certificate Services.
Note Certificate Services communicates with the policy module through the ICertPolicy2 interface.
The ICertServerPolicy interface is exported by the server engine and is called by the policy module to perform the following tasks:
- Specify which certificate request is used as the current context for subsequent operations.
- Enumerate and retrieve the extensions (including extension flags) of a certificate request, and set the extensions of the issued certificate.
- Enumerate and retrieve request attributes.
- Retrieve certificate request properties.
- Retrieve and set certificate properties.
From the time the ICertPolicy::VerifyRequest method is called until it returns, the unresolved request and certificate under construction can be accessed through a Context data object. Because the policy module can add to or override request properties by calling ICertServerPolicy::SetCertificateProperty, certificate properties can differ from request properties.
ICertServerPolicy is defined in Certif.h. When you create your program, however, use Certsrv.h as the include file. Certcli.dll provides the ICertServerPolicy interface. The type information for this interface is also in Certclil.dll, which is shipped with the Platform Software Development Kit (SDK).
Certificate Services interfaces support both apartment-threading and free-threading models. For better throughput, free threading is recommended.
Members
The ICertServerPolicy interface inherits from the IDispatch interface. ICertServerPolicy also has these types of members:
Methods
The ICertServerPolicy interface has these methods.
| Method | Description |
|---|---|
| EnumerateAttributes |
Retrieves the name of the current attribute and moves the internal enumeration pointer to the next attribute. |
| EnumerateAttributesClose |
Frees the resources connected with attribute enumeration. |
| EnumerateAttributesSetup |
Initializes the internal enumeration pointer to the first request attribute associated with the current context. |
| EnumerateExtensions |
Retrieves the OID of the current extension and moves the internal enumeration pointer to the next extension. |
| EnumerateExtensionsClose |
Frees the resources connected with extension enumeration. |
| EnumerateExtensionsSetup |
Initializes the internal enumeration pointer to the first certificate extension associated with the current context. |
| GetCertificateExtension |
Retrieves a specific certificate extension. |
| GetCertificateExtensionFlags |
Retrieves the flags associated with the extension acquired by the most recent call to GetCertificateExtension. |
| GetCertificateProperty |
Returns a named certificate property. |
| GetRequestAttribute |
Returns a named request attribute. |
| GetRequestProperty |
Retrieves a specific property from a request. |
| SetCertificateExtension |
Adds a new extension to the certificate to be issued for the current context. |
| SetCertificateProperty |
Causes the server engine to add a named property to a certificate. |
| SetContext |
Specifies the certificate request to be used as the context for subsequent calls to Certificate Services. |
Requirements
|
Minimum supported client | None supported [desktop apps only] |
|---|---|
|
Minimum supported server | Windows Server 2003 [desktop apps only] |
|
Header |
|
|
Library |
|
|
DLL |
|
|
IID |
IID_ICertServerPolicy is defined as AA000922-FFBE-11CF-8800-00A0C903B83C |
See also
- ICertRequest
- ICertPolicy::VerifyRequest
- ICertRequest::Submit
- ICertAdmin::ResubmitRequest
- ICertAdmin::SetRequestAttributes
Send comments about this topic to Microsoft
Build date: 10/26/2012
