To gain access to certificates the certificate store in which they are stored must be opened through a call to CertOpenStore.
Usually, a certificate store is opened in cached memory. It may be a new store or its contents may be loaded from the local registry, the registry on a remote computer, a disk file, a PKCS #7 message, or some other source.
CryptoAPI certificate store functions also allow a store to maintain certificates outside of cached memory in, for example, an external database of certificates such as the one provided by the Microsoft® Certificate Server Database.
The lpszStoreProvider parameter of the CertOpenStore function determines the type of store opened and the provider used to open that store. Example Code for Opening a Certificate Store provides examples of opening certificate stores using various providers.