The CertCloseStore function closes a certificate store handle. There needs to be a corresponding CertCloseStore for each successful CertOpenStore and CertDuplicateStore.
#include <wincrypt.h>
BOOL WINAPI CertCloseStore(
HCERTSTORE hCertStore, // in
DWORD dwFlags // in
);
The following flags are defined for these uses.
| Flag name | Value | Description |
|---|---|---|
| CERT_CLOSE_STORE_ FORCE_FLAG |
0x00000001 | Allows for forcing store closure and freeing of memory. |
| CERT_CLOSE_STORE_ CHECK_FLAG |
0x00000002 | Allows for checking whether all of a store's certificates and CRLs have been freed and this is the final close store. |
TRUE if the function succeeded. FALSE if the function failed. For more details, see the "Remarks" section.
Call GetLastError to see the reason for any failures. This function has the following error codes:
| Error code | Description |
|---|---|
| CRYPT_E_PENDING_CLOSE | Final store closure is pending until additional context frees or store closes. |
On the final close, if the CERT_STORE_NO_CRYPT_RELEASE_FLAG wasn't set at the time the store was opened, the hCryptProv is released via CryptReleaseContext.
Note The certificate store isn't freed until all of its certificate contexts and CRL contexts have also been freed via CertFreeCertificateContext and CertFreeCRLContext respectively (unless the CERT_CLOSE_STORE_FORCE_FLAG is also specified).
To force the closure of the store with all of its memory freed, specify the CERT_STORE_CLOSE_FORCE_FLAG. This flag should be set when the caller does its own reference counting and wants everything to vanish.
To check whether all the store's certificates and CRLs have been freed and that this is the last CertCloseStore, set the CERT_CLOSE_STORE_CHECK_FLAG. When this flag is set, and certificates or CRLs or stores still need to be freed or closed, FALSE is returned with LastError set to CRYPT_E_PENDING_CLOSE. Note that the store is still closed when FALSE is returned. This is a diagnostic flag.
LastError is preserved unless CERT_CLOSE_STORE_CHECK_FLAG is set and FALSE is returned.
//--------------------------------------------------------------------
// Close a certificate store using CERT_CLOSE_STORE_FORCE_FLAG and
// with CERT_CLOSE_STORE_CHECK_FLAG.
//--------------------------------------------------------------------
// handle_error() is a function defined in a separate file.
HANDLE hStoreHandle;
PCCERT_CONTEXT DesiredCert;
// Open a certificate store. For details, see CertOpenStore.
if(hStoreHandle = CertOpenStore(
CERT_STORE_PROV_SYSTEM,0,NULL,CERT_SYSTEM_STORE_CURRENT_USER,
L"MY"))
// The store opened. Continue.
printf("The store is open.\n");
else
// The store did not open. Exit to an error routine.
handle_error("The store could not be opened.");
if(DesiredCert= CertEnumCertificatesInStore(
hStoreHandle,NULL))
printf("A certificate was retrieved. Continue.\n");
else
// A certificate was not retrieved. Exit to an error routine.
handle_error("No certificate retrieved. The store may be empty.");
// Close the store with forced freeing of open certificates.
if(CertCloseStore(
hStoreHandle, // handle of store to close.
CERT_CLOSE_STORE_FORCE_FLAG // flag to force freeing certs.
))
printf("The store was properly closed. Continue.\n");
else
// The Store was not properly closed. Exit to an error routine.
handle_error("Store not properly closed. The force flag was used.");
// Re-open the certificate store. For details, see CertOpenStore.
if(hStoreHandle = CertOpenStore(
CERT_STORE_PROV_SYSTEM,0,NULL,CERT_SYSTEM_STORE_CURRENT_USER,
L"MY"))
printf("The store was re-opened. Continue.\n");
else
// The store was not opened. Exit to an error routine.
handle_error("The store was not re-opened.");
// Get the first cert in the store.
if(DesiredCert= CertEnumCertificatesInStore(
hStoreHandle,NULL))
printf("A certificate was retrieved. Continue.\n");
else
// A certificate was not retrieved. Exit to an error routine.
handle_error("No certificate retrieved. The store may be empty.");
// Close the store again, this time, check for open certificates.
// If the function returns TRUE, no certificates remained open.
if(CertCloseStore(
hStoreHandle, // Handle of the store to be closed.
CERT_CLOSE_STORE_CHECK_FLAG)) // Do not force free all certs.
printf("The store was closed and no certs are still open.\n");
else{
// If the function returns FALSE, the store is closed, but one
// or more certificates remains open and must be freed by the
// application.
printf("A Certs remains open.\n");
// Free the open certificate.
if(CertFreeCertificateContext(DesiredCert))
printf("The certificate was freed. Continue.\n");
else
// The cert was not freed. Exit to an error routine.
handle_error("A certificate could not be freed.");
Windows NT: Requires version 4.0 SP3 or later. Available also in IE 3.02 and later.
Windows: Requires Windows 95 OSR2 or later.
Windows CE: Unsupported.
Header: Declared in wincrypt.h.
Import Library: Use crypt32.lib.
CertOpenStore, CertDuplicateStore