When the certifying authority (CA) has verified the information and is satisfied that the requester is the owner of the private key and that the data about the requester is accurate, the CA constructs an X.509 certificate, signs it, packages it along with any other needed certificates (such as the CA's own certificate) in a PKCS #7 message, and sends the message to the requester.
The receiving application passes the PKCS #7 message to the CEC. The CEC opens the message and extracts the certificates, putting any self-signed certificates in the "Root" store. The rest (except for the requester's certificate) are placed in the "CA" store. The CEC then adds the requester's public key to the requester's certificate, and places the requester's certificate in the certificate store specified by the requester in the MyStoreName property of the CEC.
The following code is a simple example of how to use Visual Basic Script and HTML in a Web page to receive and store the returned certificates, and to display the content of the requester's certificate:
<BODY>
<OBJECT
classid="clsid:43F8F289-7A20-11D0-8F06-00C04FC295E1"
CODEBASE="xenroll.dll"
id=Enroll
>
</OBJECT>
<OBJECT
classid="clsid:41046D4F-AA27-11D0-8C5F-00C04FC29D45"
CODEBASE="xformat.dll"
id=Format
>
</OBJECT>
<!-- Name the form and data element. -->
<FORM NAME="result">
<INPUT TYPE="HIDDEN" NAME="result">
</FORM>
<CENTER>
<SCRIPT LANGUAGE="VBSCRIPT">
'-----------------------------------------------------------------
'Accept the certificate sub-routine.
'-----------------------------------------------------------------
Sub AcceptCertSub
On Error Resume Next
Call Enroll.AcceptPKCS7(document.result.result.value)
If err.Number = 0 Then
navigate "..\done.htm"
Else
Alert "Error: " & Hex(err)
End If
End sub
'-----------------------------------------------------------------
' Decline the certificate sub-routine.
'-----------------------------------------------------------------
Sub NoAcceptCertSub
navigate "..\notdone.htm"
End sub
On Error Resume Next
'--------------------------------------------------------------
' Get the issued certificate and display some of its parameters.
' The following value, "PKCS7", represents the received message.
' Actually, this value must be supplied through the design of
' the receiving application.
' -------------------------------------------------------------
document.result.result.value = "PKCS7"
X509Cert = Enroll.getCertFromPKCS7(document.result.result.value)
If err.Number = 0 Then
Call Format.init(X509Cert)
End If
' &H20 is Issuer
If err.Number = 0 Then
szIssuer = Format.formatIssuer("COMMON NAME")
End If
' &H40 is Subject
If err.Number = 0 Then
szSubject = Format.formatSubject("COMMON NAME")
End If
If err.Number = 0 Then
szSerialNbr = Format.SerialNumber
End If
' Not Before Date
If err.Number = 0 Then
szFrom = Format.NotBefore
End If
' Not After Date
If err.Number = 0 Then
szTo = Format.NotAfter
End If
If err.Number = 0 Then
'-----------------------------------------------------------------
' Display the data
'-----------------------------------------------------------------
document.write "<BR><BR><BR><BR>"
document.write "<FONT COLOR=Maroon SIZE=5><CENTER>"
document.write "<I><B>Certificate Acceptance</B></I>"
document.write "<HR ALIGN=CENTER WIDTH=75% COLOR=Maroon>"
document.write "<TABLE><TR><TD>Would you like to accept Certificate: <TD><I>"
document.write szSubject
document.write "</I><TR><TD>Issued by: <TD><I>"
document.write szIssuer
document.write "</I><TR><TD>Serial Number: <TD><I>"
document.write szSerialNbr
document.write "</I><TR><TD>Effective From: <TD><I>"
document.write szFrom
document.write "</I><TR><TD>Effective To: <TD><I>"
document.write szTo
document.write "</I><TR><TD ALIGN=center><INPUT TYPE=""BUTTON"" NAME=""Accept"" value=""Accept"" onClick=""AcceptCertSub"" language=""VBScript"">"
document.write "<TD ALIGN=center><INPUT TYPE=""BUTTON"" NAME=""No"" value=""No"" onClick=""NoAcceptCertSub"" language=""VBScript"">"
document.write "</TABLE></CENTER></FONT><BR>"
document.write "<HR ALIGN=CENTER WIDTH=75% COLOR=Maroon>"
End If
If err.Number <> 0 Then
Alert "Error: " & Hex(err)
End If
</SCRIPT>
</CENTER>
</BODY>
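The sample above writes szSubject, szIssuer and the other certificate fields into the page exactly as they are returned. Those strings come from the received message, not from the page author, so they should be HTML-encoded before they are written. The following is an added example, not part of the original sample; HtmlEncode, CertRow and BuildCertTable are hypothetical helper names, and the values in the last line are constructed.

```vbscript
' Added example: build the confirmation table with every certificate
' value HTML-encoded. Helper names are hypothetical.

' Encode the characters that are significant in HTML text and attributes.
Function HtmlEncode(ByVal value)
    Dim s
    If IsNull(value) Or IsEmpty(value) Then
        s = ""
    Else
        s = CStr(value)
    End If
    s = Replace(s, "&", "&amp;")    ' must run first so later entities survive
    s = Replace(s, "<", "&lt;")
    s = Replace(s, ">", "&gt;")
    s = Replace(s, """", "&quot;")
    s = Replace(s, "'", "&#39;")
    HtmlEncode = s
End Function

' One table row: a fixed label from the page and an encoded value.
Function CertRow(ByVal label, ByVal value)
    CertRow = "<TR><TD>" & label & "<TD><I>" & HtmlEncode(value) & "</I>"
End Function

' The same five fields the sample displays, returned as one HTML string.
Function BuildCertTable(szSubject, szIssuer, szSerialNbr, szFrom, szTo)
    Dim html
    html = "<TABLE>"
    html = html & CertRow("Would you like to accept Certificate:", szSubject)
    html = html & CertRow("Issued by:", szIssuer)
    html = html & CertRow("Serial Number:", szSerialNbr)
    html = html & CertRow("Effective From:", szFrom)
    html = html & CertRow("Effective To:", szTo)
    html = html & "</TABLE>"
    BuildCertTable = html
End Function

' Constructed values standing in for the Format object's output.
' The subject contains markup characters on purpose; they are shown
' as literal text instead of being interpreted as HTML.
document.write BuildCertTable("Test <b>User</b> & Co", "Example CA", _
                              "1A2B3C", "1/1/1998", "1/1/1999")
```

In the sample, the five document.write calls that emit szSubject through szTo would be replaced by a single call to BuildCertTable with those variables.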