Edit

CryptUIWizImport function (cryptuiapi.h)

  • Article

The function imports a certificate, a certificate trust list (CTL), a certificate revocation list (CRL), or a certificate store to a certificate store. The import can be performed with or without user interaction.

Syntax

BOOL CryptUIWizImport(
  [in] DWORD                         dwFlags,
  [in] HWND                          hwndParent,
  [in] LPCWSTR                       pwszWizardTitle,
  [in] PCCRYPTUI_WIZ_IMPORT_SRC_INFO pImportSrc,
  [in] HCERTSTORE                    hDestCertStore
);

Parameters

[in] dwFlags

Contains flags that modify the behavior of the function. This can be zero or a combination of one or more of the following values.

Note  Except for CRYPTUI_WIZ_NO_UI, none of the following constants are defined in a published header file. To use these constants, you must define them by using the specified values.
 
Value Meaning
CRYPTUI_WIZ_NO_UI
0x0001
 This function will perform the import based on the information in the CRYPTUI_WIZ_IMPORT_SRC_INFO structure pointed to by pImportSrc into the store specified by hDestCertStore without displaying any user interface. If this flag is not specified, this function will display a wizard to guide the user through the import process.

Beginning with Windows 8 and Windows Server 2012, if you set this flag and are importing a certificate from a PFX BLOB that was protected to an Active Directory (AD) principal, and the current user, as part of that principal, has permission to decrypt the password embedded in the PFX packet, the importation will succeed without requiring that a password be set in the CRYPTUI_WIZ_IMPORT_SRC_INFO structure. For more information about protecting PFX to an AD principal, see the pvPara parameter and the PKCS12_PROTECT_TO_DOMAIN_SIDS flag of the PFXExportCertStoreEx function.
CRYPTUI_WIZ_IGNORE_NO_UI_FLAG_FOR_CSPS
0x0002
 Suppress all user interfaces generated by cryptographic service providers (CSPs). This option can be overridden by the CRYPTUI_WIZ_NO_UI_EXCEPT_CSP option.
CRYPTUI_WIZ_NO_UI_EXCEPT_CSP
0x0003
 Suppress all user interfaces except those generated by CSPs. This option overrides the CRYPTUI_WIZ_IGNORE_NO_UI_FLAG_FOR_CSPS option.
CRYPTUI_WIZ_IMPORT_ALLOW_CERT
0x00020000
 Allow certificates to be imported.
CRYPTUI_WIZ_IMPORT_ALLOW_CRL
0x00040000
 Allow CRLs to be imported.
CRYPTUI_WIZ_IMPORT_ALLOW_CTL
0x00080000
 Allow CTLs to be imported.
CRYPTUI_WIZ_IMPORT_NO_CHANGE_DEST_STORE
0x00010000
 Do not allow the user to change the destination certificate store represented by the hDestCertStore parameter.
CRYPTUI_WIZ_IMPORT_TO_LOCALMACHINE
0x00100000
 Import the object to the certificate store for the local computer. This applies only to Personal Information Exchange (PFX) imports.
CRYPTUI_WIZ_IMPORT_TO_CURRENTUSER
0x00200000
 Import the object to the certificate store for the current user. This applies only to PFX imports.
CRYPTUI_WIZ_IMPORT_REMOTE_DEST_STORE
0x00400000
 Import the object to a remote certificate store. Set this flag if the hDestCertStore parameter represents a remote certificate store.

[in] hwndParent

The handle of the window to use as the parent of the dialog box that this function creates. This parameter is ignored if the CRYPTUI_WIZ_NO_UI flag is set in dwFlags.

[in] pwszWizardTitle

A pointer to a null-terminated Unicode string that contains the title to use in the dialog box that this function creates. This parameter is ignored if the CRYPTUI_WIZ_NO_UI flag is set in dwFlags.

[in] pImportSrc

A pointer to a CRYPTUI_WIZ_IMPORT_SRC_INFO structure that contains information about the object to import. This parameter is required if CRYPTUI_WIZ_NO_UI is set in dwFlags and is optional otherwise.

[in] hDestCertStore

A handle to the certificate store to import to. If this parameter is NULL and the CRYPTUI_WIZ_NO_UI flag is not set in dwFlags, the wizard will prompt the user to select a certificate store.

Return value

If the function succeeds, the function returns nonzero.

If the function fails, it returns zero. For extended error information, call the GetLastError function.

Remarks

If none of following three flags are set in dwFlags, import of any type of content is allowed:

  • CRYPTUI_WIZ_IMPORT_ALLOW_CERT
  • CRYPTUI_WIZ_IMPORT_ALLOW_CRL
  • CRYPTUI_WIZ_IMPORT_ALLOW_CTL
The CRYPTUI_WIZ_IMPORT_TO_LOCALMACHINE and CRYPTUI_WIZ_IMPORT_TO_CURRENTUSER flags are used to force the content of a PFX BLOB into either the local machine store or the current user store. If neither of these flags are set and hDestCertStore is NULL:
  • The private key in the PFX BLOB will be forced to be imported into the current user store.
  • And if CRYPTUI_WIZ_NO_UI is not set, the wizard prompts the user to select a certificate store from among the current user certificate stores.

Requirements

Requirement Value
Minimum supported client Windows XP [desktop apps only]
Minimum supported server Windows Server 2003 [desktop apps only]
Target Platform Windows
Header cryptuiapi.h
Library Cryptui.lib
DLL Cryptui.dll

See also

CRYPTUI_WIZ_IMPORT_SRC_INFO

CryptUIWizExport