CertSaveStore

The CertSaveStore function saves the certificate store.

#include <wincrypt.h>
BOOL WINAPI CertSaveStore(
  HCERTSTORE hCertStore,           // in
  DWORD dwMsgAndCertEncodingType,  // in
  DWORD dwSaveAs,                  // in
  DWORD dwSaveTo,                  // in
  void *pvSaveToPara,              // in/out
  DWORD dwFlags                    // in
);

Parameters

hCertStore
Handle to the certificate store that is to be saved.
dwMsgAndCertEncodingType
The dwMsgAndCertEncodingType specifies the certificate and message encoding types when dwSaveAs is CERT_STORE_SAVE_AS_PKCS7. Otherwise, the dwMsgAndCertEncodingType parameter is not used.

Note  Both a certificate and message encoding type are required and are specified by combining them with a bitwise OR operation, as shown in the following example: 

X509_ASN_ENCODING | PKCS_7_ASN_ENCODING

Currently defined encoding types are shown in the following table.
Encoding type Value
X509_ASN_ENCODING 0x00000001
PKCS_7_ASN_ENCODING 0x00010000

dwSaveAs
Specifies if the store can be saved as a serialized store (CERT_STORE_SAVE_AS_STORE) containing properties in addition to encoded certificates, CRL, and CTLs if the store can be saved as a PKCS #7 signed message (CERT_STORE_SAVE_AS_PKCS7) that does not include the properties.

Note, the CERT_KEY_CONTEXT_PROP_ID property (and its CERT_KEY_PROV_HANDLE_PROP_ID and CERT_KEY_SPEC_PROP_ID) is not saved into a serialized store.

The dwMsgAndCertEncodingType specifies the message encoding type when dwSaveAs is CERT_STORE_SAVE_AS_PKCS7.

dwSaveTo
The dwSaveTo and pvSaveToPara parameters specify where to save the store as follows:
For dwSaveTo equal to CERT_STORE_SAVE_TO_FILE:
Saves to the specified file. The file's handle is passed in pvSaveToPara. Given, HANDLE hFile; pvSaveToPara = (void *) hFile.
After a successful save, the file pointer is positioned after the last write.
For dwSaveTo equal to CERT_STORE_SAVE_TO_MEMORY:
Saves to the specified memory blob. The pointer to the memory blob is passed in pvSaveToPara. Given, CRYPT_DATA_BLOB SaveBlob; pvSaveToPara = (void *) &SaveBlob.

Upon entry, SaveBlob's pbData and cbData need to be initialized.

Upon return, cbData is updated with the actual length.

For a length only calculation, pbData should be set to NULL. If pbData is non-NULL and cbData is not large enough, FALSE is returned with a last error of ERROR_MORE_DATA.

For dwSaveTo equal to CERT_STORE_SAVE_TO_FILENAME_A and

for dwSaveTo equal to CERT_STORE_SAVE_TO_FILENAME_W and

for dwSaveTo equal to CERT_STORE_SAVE_TO_FILENAME:

Opens the file, saves to it, and closes it.

The filename is passed in pvSaveToPara.

The filename is UNICODE for the "_W" option and ASCII for the "_A"option. For "_W": given, LPCWSTR pwszFilename; pvSaveToPara = (void *) pwszFilename;

For "_A": given, LPCSTR pszFilename; pvSaveToPara = (void *) pszFilename;

Note, the default (without "_A" or "_W") is UNICODE.

pvSaveToPara
Points to the "save to" data. See dwSaveTo above for usage details.
dwFlags
This parameter is not currently used and should be set to zero.

Return Values

TRUE if the function succeeded. FALSE if the function failed.

Call GetLastError to see the reason for any failures. Note that CreateFile or WriteFile errors may be propagated to this function. This function has the following error codes:

Error code Description
CRYPT_E_FILE_ERROR An error occurred while writing to the file.

Example

See Example Code for Fundamental Certificate Store Operations.

QuickInfo

  Windows NT: Requires version 4.0 SP3 or later. Available also in IE 3.02 and later.
  Windows: Requires Windows 95 OSR2 or later.
  Windows CE: Unsupported.
  Header: Declared in wincrypt.h.
  Import Library: Use crypt32.lib.

See Also

CertOpenStore, CertCloseStore