Expand Minimize
EN
Deze inhoud is niet beschikbaar in uw taal, maar wel in het Engels.

CertAddCertificateContextToStore function

The CertAddCertificateContextToStore function adds a certificate context to the certificate store.

Syntax


BOOL WINAPI CertAddCertificateContextToStore(
  _In_       HCERTSTORE hCertStore,
  _In_       PCCERT_CONTEXT pCertContext,
  _In_       DWORD dwAddDisposition,
  _Out_opt_  PCCERT_CONTEXT *ppStoreContext
);

Parameters

hCertStore [in]

Handle of a certificate store.

pCertContext [in]

A pointer to the CERT_CONTEXT structure to be added to the store.

dwAddDisposition [in]

Specifies the action to take if a matching certificate or a link to a matching certificate already exists in the store. Currently defined disposition values and their uses are as follows.

ValueMeaning
CERT_STORE_ADD_ALWAYS

The function makes no check for an existing matching certificate or link to a matching certificate. A new certificate is always added to the store. This can lead to duplicates in a store.

CERT_STORE_ADD_NEW

If a matching certificate or a link to a matching certificate exists, the operation fails. GetLastError returns the CRYPT_E_EXISTS code.

CERT_STORE_ADD_NEWER

If a matching certificate or a link to a matching certificate exists and the NotBefore time of the existing context is equal to or greater than the NotBefore time of the new context being added, the operation fails and GetLastError returns the CRYPT_E_EXISTS code.

If the NotBefore time of the existing context is less than the NotBefore time of the new context being added, the existing certificate or link is deleted and a new certificate is created and added to the store. If a matching certificate or a link to a matching certificate does not exist, a new link is added.

If certificate revocation lists (CRLs) or certificate trust list (CTLs) are being compared, the ThisUpdate time is used.

CERT_STORE_ADD_NEWER_INHERIT_PROPERTIES

If a matching certificate or a link to a matching certificate exists and the NotBefore time of the existing context is equal to or greater than the NotBefore time of the new context being added, the operation fails and GetLastError returns the CRYPT_E_EXISTS code.

If the NotBefore time of the existing context is less than the NotBefore time of the new context being added, the existing context is deleted before creating and adding the new context. The new added context inherits properties from the existing certificate.

If CRLs or CTLs are being compared, the ThisUpdate time is used.

CERT_STORE_ADD_REPLACE_EXISTING

If a link to a matching certificate exists, that existing certificate or link is deleted and a new certificate is created and added to the store. If a matching certificate or a link to a matching certificate does not exist, a new link is added.

CERT_STORE_ADD_REPLACE_EXISTING_INHERIT_PROPERTIES

If a matching certificate exists in the store, the existing context is not replaced. The existing context inherits properties from the new certificate.

CERT_STORE_ADD_USE_EXISTING

If a matching certificate or a link to a matching certificate exists, that existing certificate or link is used and properties from the new certificate are added. The function does not fail, but it does not add a new context. If pCertContext is not NULL, the existing context is duplicated.

If a matching certificate or a link to a matching certificate does not exist, a new certificate is added.

 

ppStoreContext [out, optional]

A pointer to a pointer to the copy to be made of the certificate that was added to the store.

The ppStoreContext parameter can be NULL, indicating that the calling application does not require a copy of the added certificate. If a copy is made, it must be freed by using CertFreeCertificateContext.

Return value

If the function succeeds, the return value is TRUE.

If the function fails, the return value is FALSE. For extended error information, call GetLastError. Some possible error codes follow.

Return codeDescription
CRYPT_E_EXISTS

This value is returned if CERT_STORE_ADD_NEW is set and the certificate already exists in the store, or if CERT_STORE_ADD_NEWER is set and a certificate exists in the store with a NotBefore date greater than or equal to the NotBefore date on the certificate to be added.

E_INVALIDARG

A disposition value that is not valid was specified in the dwAddDisposition parameter.

 

Errors from the called functions, CertAddEncodedCertificateToStore and CertSetCertificateContextProperty, can be propagated to this function.

Remarks

The certificate context is not duplicated using CertDuplicateCertificateContext. Instead, the function creates a new copy of the context and adds it to the store.

In addition to the encoded certificate, CertDuplicateCertificateContext also copies the context's properties, with the exception of the CERT_KEY_PROV_HANDLE_PROP_ID and CERT_KEY_CONTEXT_PROP_ID properties.

To remove the certificate context from the certificate store, use the CertDeleteCertificateFromStore function.

Note  The order of the certificate context may not be preserved within the store. To access a specific certificate you must iterate across the certificates in the store.

Requirements

Minimum supported client

Windows XP [desktop apps only]

Minimum supported server

Windows Server 2003 [desktop apps only]

Header

Wincrypt.h

Library

Crypt32.lib

DLL

Crypt32.dll

See also

Certificate Functions
CertAddEncodedCertificateToStore
CertSetCertificateContextProperty

 

 

Community-inhoud

Toevoegen
Weergeven:
© 2014 Microsoft