X509CertificateTemplatePrivateKeyFlag enumeration
The X509CertificateTemplatePrivateKeyFlag enumeration contains values that specify client actions regarding a private key.
Syntax
typedef enum X509CertificateTemplatePrivateKeyFlag { PrivateKeyRequireArchival = CT_FLAG_REQUIRE_PRIVATE_KEY_ARCHIVAL, PrivateKeyExportable = CT_FLAG_EXPORTABLE_KEY, PrivateKeyRequireStrongKeyProtection = CT_FLAG_STRONG_KEY_PROTECTION_REQUIRED, PrivateKeyRequireAlternateSignatureAlgorithm = CT_FLAG_REQUIRE_ALTERNATE_SIGNATURE_ALGORITHM } X509CertificateTemplatePrivateKeyFlag;
Constants
- PrivateKeyRequireArchival
-
Instructs the client to create a key archival certificate request.
- PrivateKeyExportable
-
Instructs the client to allow other applications to export the private key to a Personal Information Exchange (PFX) message. The message is typically saved in a file with a .pfx extension.
- PrivateKeyRequireStrongKeyProtection
-
Instructs the client to use additional protection for the private key.
- PrivateKeyRequireAlternateSignatureAlgorithm
-
If this flag is defined, the client must sign the certificate request by using the PKCS #1 version 2.1 signature format which requires that the hash algorithm OID be encoded into the signature parameters. If this flag is not defined the client must sign the certificate request by using the PKCS #1 version 1.5 signature format which requires that the hash and asymmetric algorithm object identifiers (OIDs) be combined into a single OID and that the signature parameters be set to NULL.
Requirements
|
Minimum supported client | Windows 7 [desktop apps only] |
|---|---|
|
Minimum supported server | Windows Server 2008 R2 [desktop apps only] |
|
Header |
|
Send comments about this topic to Microsoft
Build date: 10/26/2012
