Platform SDK: Logon Authentication |
Schannel credentials are represented internally as CryptoAPI 2.0 CERT_CONTEXT structures. Each certificate context must have its CERT_KEY_PROV_INFO_PROP_ID property set so that Schannel can find and use the associated private key. For additional details, see Public/Private Key Pairs.
Both client and server certificates must be stored in a certificate store accessible by the application process. The MY store would be an appropriate choice. Many applications such as Microsoft® Internet Explorer use the current user MY store and system services such as IIS use the local system MY store.