CertAddCRLContextToStore

The CertAddCRLContextToStore function adds a certificate revocation list (CRL) context to the certificate store.

#include <wincrypt.h>
BOOL WINAPI CertAddCRLContextToStore(
  HCERTSTORE hCertStore,                   // in
  PCCRL_CONTEXT pCrlContext,               // in
  DWORD  dwAddDisposition,                 // in
  PCCRL_CONTEXT *ppStoreContext            // out, optional
);

Parameters

hCertStore

Handle to the certificate store.

pCrlContext

Pointer to the CRL context that is to be added.

dwAddDisposition

Value that specifies the action to take if a matching CRL or a link to a matching CRL already exists in the store. Currently defined disposition values and their uses are:

CERT_STORE_ADD_NEW: If a matching CRL or a link to a matching CRL exists, the operation fails. GetLastError returns CRYPT_E_EXISTS.
CERT_STORE_ADD_USE_EXISTING: If a matching CRL or a link to a matching CRL exists, that existing CRL is used and properties from the new CRL are added. The function does not fail, but no new CRL is added. If ppCertContext is not NULL, the existing context is duplicated.
If a matching CRL or a link to a matching CRL does not exist, a new CRL is added.
CERT_STORE_ADD_REPLACE_EXISTING: If a matching CRL or a link to a matching CRL exists, the existing CRL or link is deleted and a new CRL is created and added to the store. If a matching CRL or a link to a matching CRL does not exist, one is added.
CERT_STORE_ADD_ALWAYS: Makes no check for an existing matching CRL or link to a matching CRL. A new CRL is always added to the store. This may lead to duplicates in a store.
CERT_STORE_ADD_REPLACE_EXISTING_INHERIT_PROPERTIES.: If a matching CRL exists in the store, the existing context is deleted before creating and adding the new context. The added context inherits properties from the existing CRL
CERT_STORE_ADD_NEWER: If a matching CRL or a link to a matching CRL exists, the function compares the ThisUpdate times on the CRLs. If the existing CRL has a ThisUpdate time less than the ThisUpdate time on the new CRL, the old CRL or link is replaced just as with CERT_STORE_ADD_REPLACE_EXISTING. If the existing CRL has a ThisUpdate time greater than or equal to the ThisUpdate time on the CRL to be added, the function fails with GetLastError returning CRYPT_E_EXISTS.
If a matching CRL or a link to a matching CRL is not found in the store, a new CRL is added to the store.
CERT_STORE_ADD_NEWER_INHERIT_PROPERTIES.: Action is the same as for CERT_STORE_ADD_NEWER except that if an older CRL is replaced, the properties of the older CRL are incorporated into the replacement CRL.

ppCrlContext

Pointer to a pointer to the decoded CRL context. This is an optional parameter, and can be NULL, indicating that the caller does not want a copy of the added or existing CRL. If a copy is made, that context must be freed by using CertFreeCRLContext.

Return Values

TRUE if the function succeeded. FALSE if the function failed.

GetLastError returns the reason for any failures using the following error codes:

CRYPT_E_EXISTS: This error is returned if CERT_STORE_ADD_NEW is set and the CRL already exists in the store or if CERT_STORE_ADD_NEWER is set and a CRL exists in the store with a ThisUpdate date greater than or equal to the ThisUpdate date on the CRL to be added.
E_INVALIDARG: The dwAddDisposition argument specified an invalid add disposition.

Errors from the called functions CertAddEncodedCRLToStore and CertSetCRLContextProperty may be propagated to this function.

Remarks

The CRL context is not duplicated using CertDuplicateCRLContext. Instead, a new copy is created and added to the store. In addition to the encoded CRL, the function copies the context's properties.

Example

See CertAddCertificateContextToStore

Change all references to "certificate" in the example code to "CRL."

QuickInfo