To build a policy module in Microsoft® Visual Basic® version 5.0, build a class module called CertificateAuthority.Policy. This naming convention must be followed in order for RegSvr32 to store the GUID in the correct location in the system registry when it is run on the policy module DLL. To be sure of this, complete the following steps:
The Class Module must have one method, named VerifyRequest. The VerifyRequest method will receive a request from the server and authorize or deny the request.
Note VerifyRequest is free to spawn off other processes or access an external database to do the request verification. If the verification requires out-of-band processing or human intervention, VerifyRequest can notify another process or leave any notice of the incoming request required. After the out-of-band processing is complete, a call to the Administration API can be made, or the provided administration utility can be used to resubmit the request to the policy module. The policy module can examine the request again, access any necessary external data and return a value to indicate the certificate should be issued or denied.