Certificate Extended Properties
The data in a certificate, certificate revocation list (CRL), or certificate trust list (CTL) context, including any extensions, is read-only and cannot be changed. However, on Microsoft platforms, CryptoAPI certificates also have dynamic extended properties that can be added and changed.
These properties include data that:
- Pertains to the private key to be used with the certificate.
- Indicates the type of hashes to be performed on the certificate.
- Provides user-defined information associated with the certificate.
On Microsoft platforms, values for these properties are attached to and move with the certificate. Currently predefined properties identified with property IDs include the following properties:
- These properties tie a certificate to a particular CSP and, within that CSP, to a particular private key:
- These properties indicate the hashing algorithm to be used when a hashing operation is performed:
For complete lists of currently defined extended certificate properties and descriptions of the meaning and use of each property, see CertGetCertificateContextProperty and CertSetCertificateContextProperty.