The policy module interface includes two methods for setting certificate properties and extensions, SetCertificateProperty and SetCertificateExtension. With these method calls, any of the properties or extensions of a certificate can be set via the policy module. Here is a Microsoft® Visual Basic® example of how each of these method calls might appear in the policy module:
'Insert a common name into the certificate
Dim CertPolicy As CCertServerPolicy
Set CertPolicy = New CCertServerPolicy
CertPolicy.SetCertificateProperty Context, _
Subject.CommonName, _
VT_STRING, _
"John Smith"
'Restrict key usage to digital signature only (KeyUsage=0)
CertPolicy.SetCertificateExtension Context, _
Extension.KeyUsage, _
VT_LONG, _
0
As can be seen from these examples, each method takes four inputs: