[The Open method is available for use in the operating systems specified in the Requirements section. Instead, use the X509Store Class in the System.Security.Cryptography.X509Certificates namespace.]
The Open method opens a specified certificate store. By default, the CAPICOM_CURRENT_USER_STORE location and CAPICOM_MY_STORE store are opened as read-only.
Syntax
Function Open( _
[ ByVal StoreLocation ], _
[ ByVal StoreName ], _
[ ByVal OpenMode ] _
)
Parameters
- StoreLocation [in, optional]

A value of the CAPICOM_STORE_LOCATION enumeration that indicates the location of the store to be opened. The default value is CAPICOM_CURRENT_USER_STORE. This parameter can be one of the following values.

| Value | Meaning |
|---|---|
| CAPICOM_ACTIVE_DIRECTORY_USER_STORE | The store is an Active Directory store. No error will be generated if an Active Directory store is opened as read/write, but any changes to the store will not be persisted. Certificates cannot be added to or removed from Active Directory stores. |
| CAPICOM_CURRENT_USER_STORE | The store is a current user store. A current user store may be a read/write store. If it is, changes in the contents of the store are persisted. |
| CAPICOM_LOCAL_MACHINE_STORE | The store is a local computer store. Local computer stores can be read/write stores only if the user has read/write permissions. If the user has read/write permissions and if the store is opened read/write, then changes in the contents of the store are persisted. |
| CAPICOM_MEMORY_STORE | The store is a memory store. Any changes in the contents of the store are not persisted. |
| CAPICOM_SMART_CARD_USER_STORE | The store is the group of present smart cards. Introduced in CAPICOM 2.0. |
- StoreName [in, optional]

A string that contains the name of the system certificate store to be opened. The default value is CAPICOM_MY_STORE.
If the store is opened from a Web script, the backslash (\) character is not allowed in the name. In addition to stores defined by the system, user-defined stores can be opened.
This parameter can be a user-defined store or one of the following system certificate stores.

| Value | Meaning |
|---|---|
| CAPICOM_CA_STORE | CA store. This store is used to store intermediate CA certificates. |
| CAPICOM_MY_STORE | My store. This store is used for a user's personal certificates. |
| CAPICOM_OTHER_STORE | AddressBook store. This store is used to keep the certificates of others. |
| CAPICOM_ROOT_STORE | Root store. This store is used to store the root CA and self-signed, trusted certificates. |
- OpenMode [in, optional]

A value of the CAPICOM_STORE_OPEN_MODE enumeration that indicates the open mode of the store. The default value is CAPICOM_STORE_OPEN_READ_ONLY. If the store is opened from a Web script, this value is forced to CAPICOM_STORE_OPEN_EXISTING_ONLY. This parameter can be one of the following values.

| Value | Meaning |
|---|---|
| CAPICOM_STORE_OPEN_MAXIMUM_ALLOWED | Open the store in read/write mode if the user has read/write permissions; otherwise, open the store in read-only mode. |
| CAPICOM_STORE_OPEN_READ_ONLY | Open the store in read-only mode. |
| CAPICOM_STORE_OPEN_READ_WRITE | Open the store in read/write mode. |

The following flags can be combined with the values in the previous table by using a logical-OR operation.

| Value | Meaning |
|---|---|
| CAPICOM_STORE_OPEN_EXISTING_ONLY | Open existing stores only; do not create a new store. Introduced in CAPICOM 2.0. |
| CAPICOM_STORE_OPEN_INCLUDE_ARCHIVED | Include archived certificates when using the store. Introduced in CAPICOM 2.0. |

Stores in some locations can be opened only in read-only mode. These include all stores in CAPICOM_LOCAL_MACHINE_STORE for which the user does not have write permissions. Attempts to open a store as a read/write store without proper access and permissions will result in the failure of the Open method. Active Directory stores can be opened as a read/write store without failure of the Open method, but changes to the store will not be persisted.
Remarks
If this method is called on a SmartCard store, additional SmartCard user interfaces may be invoked.
Important: When this method is called from a Web script, the script needs to access digital certificates on the local computer. If you allow the script to access your digital certificates, the Web site from which the script is run will also gain access to any personal information stored in the certificates. The first time this method is called from a particular domain, a dialog box is generated in which the user must indicate whether access to the certificates should be allowed. Stores opened from a Web script automatically force the CAPICOM_STORE_OPEN_EXISTING_ONLY flag.
If StoreLocation is CAPICOM_SMART_CARD_USER_STORE, StoreName is ignored. In this case, CAPICOM reads all certificates from all available readers that contain a smart card.
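Because this page directs new code to the X509Store class, the following added example (not part of the original documentation) shows a read-only, existing-only open from PowerShell and handles the failure case described above. The function name Get-StoreCertificateSummary and its parameters are assumptions made for illustration.

```powershell
# Added example. Get-StoreCertificateSummary and its parameters are hypothetical names.
function Get-StoreCertificateSummary {
    param(
        [string]$StoreName = 'My',
        [System.Security.Cryptography.X509Certificates.StoreLocation]$Location = 'CurrentUser',
        [switch]$IncludeArchived
    )

    # ReadOnly corresponds to CAPICOM_STORE_OPEN_READ_ONLY. OpenExistingOnly
    # corresponds to CAPICOM_STORE_OPEN_EXISTING_ONLY: a mistyped or missing
    # store name raises an error instead of creating a new, empty store.
    $names = @('ReadOnly', 'OpenExistingOnly')
    if ($IncludeArchived) { $names += 'IncludeArchived' }
    $flags = [System.Security.Cryptography.X509Certificates.OpenFlags]($names -join ', ')

    $store = New-Object System.Security.Cryptography.X509Certificates.X509Store `
        -ArgumentList $StoreName, $Location
    try {
        $store.Open($flags)
    }
    catch [System.Security.Cryptography.CryptographicException] {
        # Raised when the store does not exist or access is denied.
        Write-Warning "Cannot open store '$StoreName' in ${Location}: $($_.Exception.Message)"
        return
    }

    try {
        foreach ($cert in $store.Certificates) {
            [pscustomobject]@{
                Subject       = $cert.Subject
                Thumbprint    = $cert.Thumbprint
                NotAfter      = $cert.NotAfter
                HasPrivateKey = $cert.HasPrivateKey
                Archived      = $cert.Archived
            }
        }
    }
    finally {
        # Always release the store handle, even if enumeration fails.
        $store.Close()
    }
}

# Inventory the local computer Root store without requesting write access.
Get-StoreCertificateSummary -StoreName 'Root' -Location LocalMachine
```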
Requirements
| Redistributable | CAPICOM 2.0 or later on Windows Server 2003, Windows XP, Windows 2000 Server with SP3 and later, and Windows 2000 Professional with SP3 and later |
| DLL | Capicom.dll |
See Also
- Store
- Cryptography Objects
- Close
Build date: 11/16/2009