createPKCS10

The createPKCS10 method creates a base64-encoded PKCS #10 request (in BSTR form) that can be submitted to a certificate server to request that a certificate be issued to the person or entity whose information is supplied in the PKCS #10.

[VB] void createPKCS10(
  BSTR DNName, 
  BSTR Usage 
);
 
[C++] HRESULT createPKCS10(
  BSTR DNName,   // in
  BSTR Usage     // in
);
 

Parameters

[VB][C++] DNName
The distinguished name (DN) must follow the X.500 naming convention, for example "CN=User, O=Microsoft". If a two-letter prefix does not exist, an OID may be provided instead.
[VB][C++] Usage
An OID that describes the purpose of the certificate being generated, for example an Individual or Commercial Authenticode certificate, or Client Authentication.

The purpose OID is simply passed through to the PKCS #10 request. For general extensibility and ease of understanding, the control does not attempt to understand specific purpose OIDs. Therefore, if you specify a Client Authentication OID, the generated key will still be a signature key, not an exchange key.
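
The following added example (not part of the original documentation and not the control's own parser) shows what the two parameters amount to on the wire: a DN string resolved to attribute OIDs and DER-encoded as an X.501 Name, and a dotted purpose OID validated and encoded. The prefix table, the choice of UTF8String for values, the sample e-mail address and the function names are assumptions of this example; 1.3.6.1.5.5.7.3.2 in the test is the standard Client Authentication OID.

```python
import re

# Attribute prefixes mapped to X.520 OIDs (a small illustrative subset).
ATTR_OIDS = {"CN": "2.5.4.3", "C": "2.5.4.6", "L": "2.5.4.7",
             "S": "2.5.4.8", "ST": "2.5.4.8", "O": "2.5.4.10", "OU": "2.5.4.11"}
OID_RE = re.compile(r"^[0-2](\.\d+)+$")

def tlv(tag, content):
    """Tag-length-value with a DER short-form or long-form length."""
    n = len(content)
    size = n.to_bytes((n.bit_length() + 7) // 8, "big")
    length = bytes([n]) if n < 0x80 else bytes([0x80 | len(size)]) + size
    return bytes([tag]) + length + content

def der_oid(dotted):
    """Validate a dotted OID (e.g. the Usage value) and DER-encode it."""
    if not OID_RE.match(dotted):
        raise ValueError(f"not a dotted OID: {dotted!r}")
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray()
    # The first two arcs share one byte; every arc is base-128 encoded.
    for arc in [40 * arcs[0] + arcs[1]] + arcs[2:]:
        chunk = [arc & 0x7F]
        while arc > 0x7F:
            arc >>= 7
            chunk.insert(0, 0x80 | (arc & 0x7F))
        out += bytes(chunk)
    return tlv(0x06, bytes(out))

def parse_dn(dn):
    """Split a DN into (oid, value) pairs; no escapes or multi-valued RDNs."""
    pairs = []
    for part in dn.split(","):
        key, sep, value = part.strip().partition("=")
        if not sep or not value.strip():
            raise ValueError(f"malformed RDN: {part!r}")
        # A known prefix maps to its OID; otherwise the type must be an OID.
        oid = ATTR_OIDS.get(key.strip().upper(), key.strip())
        if not OID_RE.match(oid):
            raise ValueError(f"unknown attribute type: {key!r}")
        pairs.append((oid, value.strip()))
    return pairs

def der_name(dn):
    """Encode the DN as Name: SEQUENCE OF SET OF SEQUENCE {type, value}."""
    return tlv(0x30, b"".join(
        tlv(0x31, tlv(0x30, der_oid(oid) + tlv(0x0C, val.encode("utf-8"))))
        for oid, val in parse_dn(dn)))
```

Running the same checks on a DNName and Usage value before they are handed to the control catches a mistyped prefix or malformed OID early, which matters because the purpose OID is passed through to the request without interpretation.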

Return Values

The return value from createPKCS10 is a base64-encoded PKCS #10 request (in BSTR form). This format allows it to be posted directly to a Web server for processing.

Remarks

By default, the Microsoft Base Cryptographic Provider is used, PROV_RSA_FULL is the provider type, a signature key is created, and a unique new key set is created.