SetCertificateExtension

The SetCertificateExtension method adds a new extension to the certificate to be issued.

[VB] void SetCertificateExtension(
  BSTR strExtensionName,  
  long Type,              
  long ExtFlags,          
  VARIANT pvarValue       
);
 
[JAVA] void SetCertificateExtension(
  java.lang.String strExtensionName,  
  int Type,                           
  int ExtFlags,                       
  com.ms.Variant pvarValue            
);
 
[C++] HRESULT SetCertificateExtension(
  BSTR const strExtensionName,  // in
  LONG Type,                 // in
  LONG ExtFlags,             // in
  VARIANT const * pvarValue  // in
);
 

Parameters

[VB][JAVA][C++] strExtensionName

Specifies the Object ID (OID) for the extension to set. In this release the string must be 31 or less non-null characters in length.

[VB][JAVA][C++] Type

Specifies the type of extension being set. The Type parameter must agree with the data type of pvarValue that is set in the vt field of the VARIANT structure. See Data Types. The Type parameter can be set to one of the following types.

Type	Description
PROPTYPE_LONG	Signed long data
PROPTYPE_DATE	Date / Time
PROPTYPE_BINARY	Binary data
PROPTYPE_STRING	String data

[VB][JAVA][C++] ExtFlags

Specifies the flags for the extension being set. Use a value of 0 if no flag is to be set, or one of the following flag values.

Flag Value	Explanation
EXTENSION_CRITICAL_FLAG	This is a critical extension
EXTENSION_DISABLE_FLAG	Extension will not be used

Note When ExtFlags is set to EXTENSION_DISABLE_FLAG, the extension will be disabled in the Server Log but will not be added to the certificate.

[VB][JAVA][C++] pvarValue

Specifies the value associated with the extension. Must be in decimal format or is assumed to be a string .

Return Values

This method does not return a value.

Comments

The following C++ code sets a revocation URL string and extension critical flag into the certificate:

HRESULT hr;
BSTR strExtensionName = SysAllocString("2.29.38.4");
VARIANT varExt;
varExt.vt = VT_BSTR;    // initialize type tag field
varExt.bstrVal = SysAllocString("http://UrlTest.htm");

hr = pICertServerPolicy->SetCertificateExtension(
    strExtensionName,      // extension name
    PROPTYPE_STRING,
    EXTENSION_CRITICAL_FLAG,
    &varExt);

// Use the strAttributeValue ...

// free it when done
if (NULL != strExtensionName)
{
    SysFreeString(strExtensionName);
}
VariantClear(&varExt);

Also see Setting Certificate Extensions.

© 1997 by Microsoft Corporation. All rights reserved.