Store.Load method

[The Load method is available for use in the operating systems specified in the Requirements section. Instead, use the X509Store Class in the System.Security.Cryptography.X509Certificates namespace.]

The Load method imports certificates from a file into the store.


Store.Load( _
  ByVal FileName, _
  [ ByVal Password ], _
  [ ByVal KeyStorageFlag ] _


FileName [in]

The string that contains the path to a .cer, .sst, .spc, .p7s, or .pfx file, or any Authenticode signed file.

Password [in, optional]

The string that contains the plaintext password to the file. Up to 32 Unicode characters, including a terminating null character, can be used for the password. For information about protecting the password, see Handling Passwords.

KeyStorageFlag [in, optional]

A value of the CAPICOM_KEY_STORAGE_FLAG enumeration that defines key storage flags. The default is CAPICOM_KEY_STORAGE_DEFAULT. This parameter can be one of the following values.


Default key storage.


The key is exportable.


The key is user protected.


Return value

This method does not return a value.


If the Load method is called on a memory store, any key containers that are created will be deleted when the memory store is deleted. For example, if a .pfx file is loaded into a memory store and later added to a system store (such as the My store) from the memory store, the certificate in the My store will not contain a key. In this case, the .pfx file should be loaded directly into the My store.

This method raises CAPICOM_E_NOT_ALLOWED when it is scripted from a web-based application.

If the password fails to decrypt the private key file, then the default cryptographic service provider (CSP) should be queried. If the default CSP is the Microsoft Base Cryptographic Provider and the decrypt operation fails, then the decrypt operation should be tried again with the Microsoft Strong Cryptographic Provider or Microsoft Enhanced Cryptographic Provider, whichever is available.

If the certificate being loaded into the store is the same as one that is already there, the Load method will delete the existing certificate from the store and then add the new certificate. The new certificate will inherit properties from the existing certificate. The existing private key container is replaced by the new private key container.



CAPICOM 2.0 or later on Windows Server 2003 and Windows XP



See also