ICertServerPolicy::SetCertificateExtension

The SetCertificateExtension method adds a new extension to the certificate to be issued.

[VB] void SetCertificateExtension(
  BSTR strExtensionName,  
  long Type,              
  long ExtFlags,          
  VARIANT pvarValue       
);
 
[JAVA] void SetCertificateExtension(
  java.lang.String strExtensionName,  
  int Type,                           
  int ExtFlags,                       
  com.ms.Variant pvarValue            
);
 
[C++] HRESULT SetCertificateExtension(
  BSTR const strExtensionName,  // in
  LONG Type,                 // in
  LONG ExtFlags,             // in
  VARIANT const *pvarValue   // in
);
 

Parameters

[VB][JAVA][C++] strExtensionName
Specifies the Object ID (OID) for the extension to set. In this release the string must be 31 or less non-null characters in length.
[VB][JAVA][C++] Type
Specifies the type of extension being set. The Type parameter must agree with the data type of pvarValue that is set in the vt field of the VARIANT structure. See Data Types. The Type parameter can be set to one of the following types.
Type Description
PROPTYPE_LONG Signed long data
PROPTYPE_DATE Date / Time
PROPTYPE_BINARY Binary data
PROPTYPE_STRING String data

[VB][JAVA][C++] ExtFlags
Specifies the flags for the extension being set. Use a value of 0 if no flag is to be set, or one of the following flag values.
Flag Value Explanation
EXTENSION_CRITICAL_FLAG This is a critical extension
EXTENSION_DISABLE_FLAG Extension will not be used

Note  When ExtFlags is set to EXTENSION_DISABLE_FLAG, the extension will be disabled in the Server Log but will not be added to the certificate.

[VB][JAVA][C++] pvarValue
Specifies the value associated with the extension. Must be in decimal format or is assumed to be a string .

Return Values

This method does not return a value.

Remarks

The following C++ code sets a revocation URL string and extension critical flag into the certificate:

HRESULT hr;
BSTR strExtensionName = SysAllocString("2.29.38.4");
VARIANT varExt;
varExt.vt = VT_BSTR;    // initialize type tag field
varExt.bstrVal = SysAllocString("http://UrlTest.htm");

hr = pICertServerPolicy->SetCertificateExtension(
    strExtensionName,      // extension name
    PROPTYPE_STRING,
    EXTENSION_CRITICAL_FLAG,
    &varExt);

// Use the strAttributeValue ...

// free it when done
if (NULL != strExtensionName)
{
    SysFreeString(strExtensionName);
}
VariantClear(&varExt);
 

QuickInfo

  Windows NT: Requires version 5.0 or later (or version 4.0 with the Windows NT 4.0 Option Pack).
  Windows: Unsupported.
  Windows CE: Unsupported.
  Header: Declared in certif.h.
  Import Library: Use certidl.lib.

See Also

Setting Certificate Extensions.