Several functions add extended properties to certificates. The original data in a certificate context is read-only and cannot be changed; however, CryptoAPI certificates also have dynamic extended properties that can be added and changed. These properties include data that:
Values for these properties are attached to and move with the certificate. There are currently five predefined properties identified with property IDs:
These properties tie a certificate to a particular CSP (Certificate Service Provider) and, within that CSP, to a particular private key.
These properties indicate the hashing algorithm to be used when a hashing operation is performed.
CertSetCertificateContextProperty sets properties on a certificate; CertSetCRLContextProperty sets CRL properties; and CertSetCTLContextProperty sets CTL properties.
Three functions retrieve certificate properties. CertGetCertificateContextProperty retrieves certificate properties; CertGetCRLContextProperty retrieves CRL properties; and CertGetCTLContextProperty retrieves CTL properties.