The SetCertificateExtension method adds a new extension to the certificate to be issued.
[VB] void SetCertificateExtension(
BSTR strExtensionName,
long Type,
long ExtFlags,
VARIANT pvarValue
);
[JAVA] void SetCertificateExtension(
java.lang.String strExtensionName,
int Type,
int ExtFlags,
com.ms.Variant pvarValue
);
[C++] HRESULT SetCertificateExtension(
BSTR const strExtensionName, // in
LONG Type, // in
LONG ExtFlags, // in
VARIANT const *pvarValue // in
);
Type | Description |
---|---|
PROPTYPE_LONG | Signed long data |
PROPTYPE_DATE | Date / Time |
PROPTYPE_BINARY | Binary data |
PROPTYPE_STRING | String data |
Flag Value | Explanation |
---|---|
EXTENSION_CRITICAL_FLAG | This is a critical extension |
EXTENSION_DISABLE_FLAG | Extension will not be used |
Note When ExtFlags is set to EXTENSION_DISABLE_FLAG, the extension will be disabled in the Server Log but will not be added to the certificate.
This method does not return a value.
The following C++ code sets a revocation URL string and extension critical flag into the certificate:
HRESULT hr;
BSTR strExtensionName = SysAllocString("2.29.38.4");
VARIANT varExt;
varExt.vt = VT_BSTR; // initialize type tag field
varExt.bstrVal = SysAllocString("http://UrlTest.htm");
hr = pICertServerPolicy->SetCertificateExtension(
strExtensionName, // extension name
PROPTYPE_STRING,
EXTENSION_CRITICAL_FLAG,
&varExt);
// Use the strAttributeValue ...
// free it when done
if (NULL != strExtensionName)
{
SysFreeString(strExtensionName);
}
VariantClear(&varExt);
Windows NT: Requires version 5.0 or later (or version 4.0 with the Windows NT 4.0 Option Pack).
Windows: Unsupported.
Windows CE: Unsupported.
Header: Declared in certif.h.
Import Library: Use certidl.lib.
Setting Certificate Extensions.