Dart CertificateList Control and Objects
CreateCert Method
The official x509 Subject Name of the certificate to be created.
Specifies how the certificate is to be used. The values are additive.
The certifying Certificate Authority certificate for this certificate taken from the Certificate Store.
Default is 60. Specifies the number of months the certificate is to remain valid.
Default is False. Specifies the type of key type to use. When False, the key type is Exchange, for data transfer. If True, the key type will be a digital signature, for data authentication.
Default is providerBase. The cryptographic provider used with the certificate.
Description
Creates a new certificate and places it into the Certificate Store.
Syntax
Visual Basic
Public Function CreateCert( _
   ByVal Name As String, _
   ByVal Usage As KeyUsageConstants, _
   Optional ByVal CACertificate As Certificate, _
   Optional ByVal Lifetime As Long = 0, _
   Optional ByVal UseSignatureKey As Boolean = False, _
   Optional ByVal Provider As ProviderConstants = providerBase _
) As Certificate
Parameters
Name
The official x509 Subject Name of the certificate to be created.
Usage
ValueDescription
usageAllUsed for the KeyUsageSelect property only, selects all Certificates in the Store.
usageCertSignCertificate can be used for Certificate Signing.
usageClientAuthenticationCertificate can be used for Client Authentication.
usageCodeSigningCertificate can be used for Code Signing.
usageCrlSignCertificate can be used for Encipherment.
usageDataEnciphermentCertificate can be used for Data Encipherment.
usageDigitalSignatureCertificate can be used for Digital Signatures.
usageEmailProtectionCertificate can be used for Email Protection.
usageIPSecEndSystemCertificate can be used for IPSec End System.
usageIPSecTunnelCertificate can be used for IPSec Tunneling.
usageIPSecUserCertificate can be used for IPSec Users.
usageKeyAgreementCertificate can be used for Key Agreement.
usageKeyEnciphermentCertificate can be used for Key Encipherment.
usageNoneCertificate has no usage flag.
usageNonRepudiationCertificate can be used prevent Repudiation.
usageOfflineCrlSignCertificate can be used for CRL Signing.
usageServerAuthenticationCertificate can be used for Server Authentication.
usageTimeStampSigningCertificate can be used for Time Stamp signing.
Specifies how the certificate is to be used. The values are additive.
CACertificate
The certifying Certificate Authority certificate for this certificate taken from the Certificate Store.
Lifetime
Default is 60. Specifies the number of months the certificate is to remain valid.
UseSignatureKey
Default is False. Specifies the type of key type to use. When False, the key type is Exchange, for data transfer. If True, the key type will be a digital signature, for data authentication.
Provider
ValueDescription
providerBaseMicrosoft Base Cryptographic Provider v1.0.
providerBaseDSSMicrosoft Base DSS Cryptographic Provider.
providerBaseDSSDHMicrosoft Base DSS and Diffie-Hellman Cryptographic Provider.
providerDHSchannelMicrosoft DH SChannel Cryptographic Provider.
providerEnhancedBaseMicrosoft Enhanced Cryptographic Provider v1.0.
providerEnhancedDSSDHMicrosoft Enhanced DSS and Diffie-Hellman Cryptographic Provider.
providerEnhancedRSAAESMicrosoft Enhanced RSA and AES Cryptographic Provider (Prototype).
providerExchangeMicrosoft Exchange Cryptographic Provider v1.0.
providerGemSafeGemplus GemSAFE Card CSP v1.0.
providerRSASchannelMicrosoft RSA SChannel Cryptographic Provider.
providerSchlumbergerSchlumberger Cryptographic Service Provider.
providerSicryptInfineon SICRYPT Base Smart Card CSP.
providerStrongMicrosoft Strong Cryptographic Provider.
Default is providerBase. The cryptographic provider used with the certificate.
Remarks

This method is used to create a new certificate.  If an invalid CA certificate is provided, a certInvalidCA error will be thrown. 

The Name parameter represents the Subject Name and is expected to be in x500 format.  An example of an x500 formatted name value is CN=Test Cert, OU=Test Cert Division, O=Test Inc, C=US with CN standing for Common Name, OU for Organizational Unit, O for Organization, and C for Country.  The only required value is CN.  Other values include E for E-mail, S for State, and L for Locale. If the specified name is invalid, a certInvalidCertName error will be thrown

To set the Certificate Location and Store that will hold the certificate, use the Location and Name properties, respectively.

SHA will always be the signature algorithm in use when creating the certificate. 

If CACertificate is not present, the certificate will be created as a self-signed CA certificate.  To create a non-CA certificate, the CA certificate must already be present on the system.

At the present time this method is not fully support in Windows NT 4.0 and Windows 2000 SP2 and SP3. There are no known problems in Windows 9x or in Windows XP.

Error Codes

This method may generate the following error code (refer to CertificateErrorConstants for a complete list of error codes):

See Also

CertificateStore Object  | CertificateStore Members


PowerTCP SSL for ActiveX Documentation Version 2.2.1
© 2018 Dart Communications. All Rights Reserved.
Send comments on this topic