CertCreateCertificateChainEngine function
The CertCreateCertificateChainEngine function creates a new, nondefault chain engine for an application. A chain engine restricts the certificates in the root store that can be used for verification, restricts the certificate stores to be searched for certificates and certificate trust lists (CTLs), sets a time-out limit for searches that involve URLs, and limits the number of certificates checked between checking for a certificate cycle.
Syntax
BOOL WINAPI CertCreateCertificateChainEngine( _In_ PCERT_CHAIN_ENGINE_CONFIG pConfig, _Out_ HCERTCHAINENGINE *phChainEngine );
Parameters
- pConfig [in]
-
A pointer to a CERT_CHAIN_ENGINE_CONFIG data structure that specifies the parameters for the chain engine.
- phChainEngine [out]
-
A pointer to the handle of the chain engine created. When you have finished using the chain engine, release the chain engine by calling the CertFreeCertificateChainEngine function.
Return value
If the function succeeds, the function returns nonzero (TRUE).
If the function fails, it returns zero (FALSE). For extended error information, call GetLastError.
The phChainEngine parameter returns the chain engine handle.
Examples
For an example that uses this function, see Example C Program: Creating a Certificate Chain.
Requirements
|
Minimum supported client |
Windows XP [desktop apps | Windows Store apps] |
|---|---|
|
Minimum supported server |
Windows Server 2003 [desktop apps | Windows Store apps] |
|
Header |
|
|
Library |
|
|
DLL |
|
See also
- CERT_CHAIN_ENGINE_CONFIG
- Certificate Chain Verification Functions
- CertFreeCertificateChainEngine
- GetLastError