Was this page helpful?
Your feedback about this content is important. Let us know what you think.
Additional feedback?
1500 characters remaining
Export (0) Print
Expand All

ICertificates2::Find method

[CAPICOM is a 32-bit only component that is available for use in the following operating systems: Windows Server 2008, Windows Vista, and Windows XP. Instead, use the X509Certificate2Collection Class in the System.Security.Cryptography.X509Certificates namespace.]

The Find method returns a Certificates object that contains all certificates that match the specified search criteria. This method was introduced in CAPICOM 2.0.

Syntax


Certificates.Find( _
  ByVal FindType, _
  [ ByVal varCriteria ], _
  [ ByVal bFindValidOnly ] _
)

Parameters

FindType [in]

A value of the CAPICOM_CERTIFICATE_FIND_TYPE enumeration that specifies the type of matching criteria supplied in the varCriteria parameter. The following table shows the possible values.

ValueMeaning
CAPICOM_CERTIFICATE_FIND_SHA1_HASH

Returns certificates with a SHA1 hash that matches the SHA1 hash specified in the varCriteria parameter.

CAPICOM_CERTIFICATE_FIND_SUBJECT_NAME

Returns certificates whose subject name exactly or partially matches the subject name specified in the varCriteria parameter. This call searches the subject name field only.

CAPICOM_CERTIFICATE_FIND_ISSUER_NAME

Returns certificates whose issuer name exactly or partially matches the issuer name specified in the varCriteria parameter. This call searches the issuer name field only.

CAPICOM_CERTIFICATE_FIND_ROOT_NAME

Returns certificates whose root subject name exactly or partially matches the root subject name specified in the varCriteria parameter. This call creates a chain. This call searches the subject name field of the root certificate.

CAPICOM_CERTIFICATE_FIND_TEMPLATE_NAME

Returns certificates whose template name matches the template name specified in the varCriteria parameter.

CAPICOM_CERTIFICATE_FIND_EXTENSION

Returns certificates that have an extension that matches the extension specified in the varCriteria parameter.

CAPICOM_CERTIFICATE_FIND_EXTENDED_PROPERTY

Returns certificates in the store that explicitly contain an extended property with the value specified in the varCriteria parameter.

CAPICOM_CERTIFICATE_FIND_APPLICATION_POLICY

Returns certificates in the store that have either an enhanced key usage extension, application policy extension, or extended property specified in the varCriteria parameter.

CAPICOM_CERTIFICATE_FIND_CERTIFICATE_POLICY

Returns certificates that contain the policy OID in the Certificate Policy extension specified in the varCriteria parameter.

CAPICOM_CERTIFICATE_FIND_TIME_VALID

Returns certificates whose time is valid.

CAPICOM_CERTIFICATE_FIND_TIME_NOT_YET_VALID

Returns certificates whose time is not yet valid.

CAPICOM_CERTIFICATE_FIND_TIME_EXPIRED

Returns certificates whose time has expired.

CAPICOM_CERTIFICATE_FIND_KEY_USAGE

Returns certificates containing key usages in the KeyUsage extension specified in the varCriteria parameter. If the KeyUsage extension is not present, all of the key usages are assumed to be unavailable.

 

varCriteria [in, optional]

A variant that contains the search criteria. This data must match the type of data specified in the FindType parameter. If the value of the FindType parameter is CAPICOM_CERTIFICATE_FIND_TIME_VALID, CAPICOM_CERTIFICATE_FIND_TIME_NOT_YET_VALID, or CAPICOM_CERTIFICATE_FIND_TIME_EXPIRED and you do not pass a value into this parameter, the current time is assumed. For examples of each data type, see Remarks. The default value is 0.

bFindValidOnly [in, optional]

A Boolean value that indicates whether only valid certificates are returned. The default value is false; this indicates that all certificates that match the search criteria are returned.

If true, the search will not return the following types of certificates:

  • Certificates whose time has expired or is not yet valid.
  • Certificates not chained properly.
  • Certificates that have signature problems.
  • Certificates that are revoked.

Return value

Certificates object that contains the results of the search.

CAPICOM 2.1:  The Certificates object that is returned contains references to the certificates in the collection in which the search was done. Any changes made to the certificates in the returned Certificates object are reflected in that collection.

CAPICOM 2.0, CAPICOM 2.0.0.1, CAPICOM 2.0.0.2, and CAPICOM 2.0.0.3:  The Certificates object that is returned contains copies of the certificates in the collection in which the search was done. Any changes made to the certificates in the returned Certificates object are not reflected in that collection.

Remarks

The following examples show possible search criteria for the different search criteria types.

FindType parametervarCriteria parameter
CAPICOM_CERTIFICATE_FIND_SHA1_HASH33F362434B577F844BB7226BE36F7D72EF9D9393
CAPICOM_CERTIFICATE_FIND_SUBJECT_NAME"NameOfPerson"
CAPICOM_CERTIFICATE_FIND_ISSUER_NAME"VeriSign"
CAPICOM_CERTIFICATE_FIND_ROOT_NAME"Microsoft Root Authority"
CAPICOM_CERTIFICATE_FIND_TEMPLATE_NAME"AutoEnrollEFS"

1.3.6.1.4.1.311.21.8.3692315854.1256661383.1690418588.4201632533.1741915387.2177932052

CAPICOM_CERTIFICATE_FIND_EXTENSION"2.5.29.31"

CAPICOM_OID_KEY_USAGE_EXTENSION

"CRL Distribution List"

CAPICOM_CERTIFICATE_FIND_EXTENDED_PROPERTYCAPICOM_PROPID_KEY_PROV_INFO
CAPICOM_CERTIFICATE_FIND_APPLICATION_POLICY"1.3.6.1.5.5.7.3.3"

"1.3.6.1.5.5.7.3.4"

CAPICOM_OID_SERVER_AUTH_EKU

"Code Signing"

CAPICOM_CERTIFICATE_FIND_CERTIFICATE_POLICY"1.3.6.1.5.5.7.3.4.3.5"

"Corporate High Assurance"

CAPICOM_CERTIFICATE_FIND_TIME_VALID#04/15/2002, 6:00 PM#
CAPICOM_CERTIFICATE_FIND_TIME_NOT_YET_VALID#04/15/2002, 6:00 PM#
CAPICOM_CERTIFICATE_FIND_TIME_EXPIRED#04/15/2002, 6:00 PM#
CAPICOM_CERTIFICATE_FIND_KEY_USAGECAPICOM_ENCIPHER_ONLY_KEY_USAGE

 

Requirements

End of client support

Windows Vista

End of server support

Windows Server 2008

Redistributable

CAPICOM 2.0 or later on Windows Server 2003 and Windows XP

DLL

Capicom.dll

See also

Certificates
CAPICOM_OID

 

 

Community Additions

ADD
Show:
© 2015 Microsoft