Cryptography Interfaces
Cryptography interfaces are categorized according to usage as follows:
- Server Engine Export Interfaces
- Server Engine Import Interfaces
- Encoding Interfaces
- Certificate Enrollment Interfaces
- CAPICOM Interoperability Interfaces
Server Engine Export Interfaces
The following reference topic describe the interfaces that are exported by the server engine and are called by external objects.
| Interface | Description |
|---|---|
| ICertAdmin | Used by administration programs to manage requests, certificates, and revocations. |
| ICertAdmin2 | Used by administration programs to manage requests, certificates, and revocations. Supersedes ICertAdmin. |
| ICertConfig | Used by clients to get information about the available servers. |
| ICertConfig2 | Used by clients to get information about the available servers. Supersedes ICertConfig. |
| ICertGetConfig | Provides functionality for retrieving the public configuration data (specified during client setup) for a Certificate Services server. |
| ICertRequest | Used to send a request to the server and get the results of the request. |
| ICertRequest2 | Used to send a request to the server and get the results of the request. Supersedes ICertRequest. |
| ICertServerExit | Used by exit modules to get certificate and request properties. |
| ICertServerPolicy | Used by the policy module to get and set certificate and request properties. |
| ICertView | Used by clients for viewing the Certificate Services database. |
| ICertView2 | Used by clients for viewing the Certificate Services database. Supersedes ICertView. |
| IEnumCERTVIEWATTRIBUTE | Used by clients to access the certificate attributes for a row in the Certificate Services view. |
| IEnumCERTVIEWCOLUMN | Used by clients to access the data columns of a row in the Certificate Services view. |
| IEnumCERTVIEWEXTENSION | Used by clients to access the certificate extension data for a row in the Certificate Services view. |
| IEnumCERTVIEWROW | Used by clients to enumerate the rows of the Certificate Services view. |
| IOCSPAdmin | Used by administration programs to configure Online Certificate Status Protocol (OCSP) responder servers. |
| IOCSPCAConfiguration | Provides functionality to configure an OCSP responder service to handle status requests for a specific certification authority (CA). |
| IOCSPCAConfigurationCollection | Provides functionality to manage the CA configurations for which an OCSP responder service can handle requests. |
| IOCSPProperty | Provides functionality to configure an OCSP responder server attribute. |
| IOCSPPropertyCollection | Used by administration programs to manage OCSP responder server attributes. |
Server Engine Import Interfaces
The following reference topics describe the interfaces that are imported by the server engine.
| Interface | Description |
|---|---|
| ICertExit | Exported by exit modules. Used by the server engine to deliver finished certificates and revocation information. |
| ICertExit2 | Adds the GetManageModule method to ICertExit. |
| ICertManageModule | Exported by policy or exit modules. Used to display module information or to display a user interface for configuration of the module. |
| ICertPolicy | Exported by the policy module. Used by the server engine to check requests and get properties for certificates. |
| ICertPolicy2 | Adds the GetManageModule method to ICertPolicy. |
Encoding Interfaces
The following reference topics describe the interfaces that can be exported by extension handlers and are imported by the policy module.
| Interface | Description |
|---|---|
| ICertEncodeAltName | Used by the policy module to handle alternate name extensions. |
| ICertEncodeBitString | Used by the policy module to handle bit strings used in certificate extensions. |
| ICertEncodeCRLDistInfo | Used by the policy module to handle certificate revocation list (CRL) distribution information arrays used in certificate extensions. |
| ICertEncodeDateArray | Used by the policy module to handle Date arrays used in certificate extensions. |
| ICertEncodeLongArray | Used by the policy module to handle Long arrays used in certificate extensions. |
| ICertEncodeStringArray | Used by the policy module to handle STRING arrays used in certificate extensions. |
Certificate Enrollment Interfaces
This section describes the objects, methods and properties of the Certificate Enrollment Control and the object, methods, and properties available in Smart Card Enrollment Control. These include the following interfaces.
| Interface | Description |
|---|---|
| ICEnroll | One of several interfaces that represent the Certificate Enrollment Control. It is primarily of interest if you are not using Automation. |
| ICEnroll2 | One of several interfaces that represent the Certificate Enrollment Control. It is primarily of interest if you are not using Automation. |
| ICEnroll3 | One of several interfaces that represent the Certificate Enrollment Control. It is primarily of interest if you are not using Automation. |
| ICertificateEnrollmentPolicyServerSetup | Represents the Certificate Enrollment Policy (CEP) Web Service within Active Directory Certificate Services (ADCS). The service enables users and computers to obtain certificate enrollment policy information. |
| ICertificateEnrollmentServerSetup | Represents the Certificate Enrollment Web Service (CES) within ADCS. The service enables users and computers to enroll for and renew certificates. |
| ICEnroll4 | One of several interfaces that represent the Certificate Enrollment Control. It is primarily of interest if you are not using Automation. |
| IEnroll | One of several interfaces that represent the Certificate Enrollment Control. The interface is primarily of interest if you are not using Automation. |
| IEnroll2 | One of several interfaces that represent the Certificate Enrollment Control. The interface is primarily of interest if you are not using Automation. |
| IEnroll4 | One of several interfaces that represent the Certificate Enrollment Control. The interface is primarily of interest if you are not using Automation. |
| ISCrdEnr | Represents the smart card enrollment control. It is primarily of interest if you are not using Automation. |
CAPICOM Interoperability Interfaces
The following reference topics describe the interfaces that allow derivations of CryptoAPI to work together with CAPICOM 2.0.
| Interface | Description |
|---|---|
| ICertContext | Provides access to the context of a CAPICOM X.509v3 Certificate object. This context allows the CAPICOM certificate to be used in other derivations of CryptoAPI. |
| ICertStore | Provides access to the context of a CAPICOM Store object. This context allows the CAPICOM certificate store to be used in other derivations of CryptoAPI. |
| IChainContext | Provides access to the context of a CAPICOM Chain object. This context allows the CAPICOM certificate trust chain to be used in other derivations of CryptoAPI. |
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for