Edit

X509RequestInheritOptions enumeration (certenroll.h)

  • Article

The X509RequestInheritOptions enumeration type specifies how keys, extension values, and external properties are inherited when a new request is created from an existing certificate. This enumeration can be used to initialize an IX509CertificateRequestPkcs7 or an IX509CertificateRequestPkcs10 object from an existing certificate.

You can choose one of the following values to specify how keys are inherited:

  • InheritNewDefaultKey
  • InheritNewSimilarKey
  • InheritPrivateKey
  • InheritPublicKey
You can also use a bitwise-AND operation to combine the key inheritance choice with InheritNone or with any combination of the following flags:
  • InheritRenewalCertificateFlag
  • InheritTemplateFlag
  • InheritSubjectFlag
  • InheritExtensionsFlag
  • InheritSubjectAltNameFlag
  • InheritValidityPeriodFlag

Syntax

typedef enum X509RequestInheritOptions {
  InheritDefault = 0,
  InheritNewDefaultKey = 0x1,
  InheritNewSimilarKey = 0x2,
  InheritPrivateKey = 0x3,
  InheritPublicKey = 0x4,
  InheritKeyMask = 0xf,
  InheritNone = 0x10,
  InheritRenewalCertificateFlag = 0x20,
  InheritTemplateFlag = 0x40,
  InheritSubjectFlag = 0x80,
  InheritExtensionsFlag = 0x100,
  InheritSubjectAltNameFlag = 0x200,
  InheritValidityPeriodFlag = 0x400,
  InheritReserved80000000 = 0x80000000
} ;

Constants

 
InheritDefault
Value: 0
Inheritance is not specified. For more information, see the InitializeFromCertificate method on the IX509CertificateRequestPkcs10 interface.
InheritNewDefaultKey
Value: 0x1
Creates a new key but inherits the default cryptographic service provider (CSP) or KSP.
InheritNewSimilarKey
Value: 0x2
Creates a new key but inherits the CSP or KSP used to create the existing certificate.
InheritPrivateKey
Value: 0x3
Inherits the private and public keys.
InheritPublicKey
Value: 0x4
Inherits only the public key.
InheritKeyMask
Value: 0xf
Use to mask the lower-order 4 bits that identify key inheritance.
InheritNone
Value: 0x10
Prevents use of the following inheritance values:


  • InheritRenewalCertificateFlag

  • InheritTemplateFlag

  • InheritSubjectFlag

  • InheritExtensionsFlag

  • InheritSubjectAltNameFlag

  • InheritValidityPeriodFlag
InheritRenewalCertificateFlag
Value: 0x20
Inherits the renewal certificate. Specifying this flag sets an ICertPropertyRenewal value.
InheritTemplateFlag
Value: 0x40
Inherits the certificate template.
InheritSubjectFlag
Value: 0x80
Inherits the subject distinguished name.
InheritExtensionsFlag
Value: 0x100
Inherits the relevant extensions from the certificate. Extension values associated with the following object identifiers are not inherited:


  • XCN_OID_CERTSRV_CA_VERSION

  • XCN_OID_AUTHORITY_INFO_ACCESS

  • XCN_OID_CRL_DIST_POINTS

  • XCN_OID_AUTHORITY_KEY_IDENTIFIER2

  • XCN_OID_CERTSRV_PREVIOUS_CERT_HASH

  • XCN_OID_ENROLL_CERTTYPE_EXTENSION

  • XCN_OID_CERTIFICATE_TEMPLATE
InheritSubjectAltNameFlag
Value: 0x200
Inherits the SubjectAlternativeName extension.
InheritValidityPeriodFlag
Value: 0x400
Inherits the validity period.
InheritReserved80000000
Value: 0x80000000

Requirements

Requirement Value
Minimum supported client Windows Vista [desktop apps only]
Minimum supported server Windows Server 2008 [desktop apps only]
Header certenroll.h

See also

CertEnroll Enumerations

CertEnroll Interfaces

IX509CertificateRequestPkcs10

IX509CertificateRequestPkcs7