Important:
This is retired content. This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.
A version of this page is also available for
4/8/2010

This function adds a serialized certificate element to the store. The serialized element contains the encoded certificate and its extended properties. Extended properties are associated with a certificate and are not part of a certificate as issued by a certificate authority (CA). Extended properties are not available on a certificate when it is used on a non-Microsoft operating system.

Syntax

BOOL WINAPI CertAddSerializedElementToStore(
  HCERTSTORE 
hCertStore,
  const BYTE* 
pbElement, 
  DWORD 
cbElement, 
  DWORD 
dwAddDisposition, 
  DWORD 
dwFlags, 
  DWORD 
dwContextTypeFlags, 
  DWORD* 
pdwContextType, 
  const void** 
ppvContext
);

Parameters

hCertStore

[in] Handle to a certificate store where the created certificate will be stored. If hCertStoreis NULL, the function creates a copy of a certificate context with its extended properties, but the certificate is not persisted in any store.

pbElement

[in] Pointer to a buffer containing the certificate information to be serialized and added to the certificate store.

cbElement

[in] Size, in bytes, of the pbElementbuffer.

dwAddDisposition

[in] Specifies the action to take if the certificate already exists in the store. The following table shows disposition values that are currently defined.

Disposition value Description

CERT_STORE_ADD_NEW

If the certificate is new, it is created and persisted to the store. The operation fails if an identical certificate already exists in the store. The last error code is set to CRYPT_E_EXISTS.

CERT_STORE_ADD_USE_EXISTING

If the certificate is new, it is added to the store. If an identical certificate already exists, the existing element is used. If ppvContextis not NULL, the existing context is duplicated. The function only adds properties that do not already exist. The SHA1 and MD5 hash properties are not copied.

CERT_STORE_ADD_REPLACE_EXISTING

If an identical certificate already exists in the store, the existing certificate context is deleted before creating and adding the new context.

CERT_STORE_ADD_ALWAYS

No check is made to see if an identical certificate already exists. A new element is always created. This can lead to duplicates in the store. To determine if the element already exists in the store, call the CertGetSubjectCertificateFromStorefunction.

CERT_STORE_ADD_NEWER

If a matching certificate or a link to a matching certificate exists, the function compares the NotBeforetimes on the certificates. If the existing certificate has a NotBeforetime less than the NotBeforetime on the new certificate, the old certificate or link is replaced just as with CERT_STORE_ADD_REPLACE_EXISTING. If the existing certificate has a NotBeforetime greater than or equal to the NotBeforetime on the certificate to be added, the function fails with the GetLastErrorfunction returning the CRYPT_E_EXISTS code.

If a matching certificate or a link to a matching certificate is not found in the store, a new certificate is added to the store.

CERT_STORE_ADD_NEWER_INHERIT_PROPERTIES

The action is the same as for CERT_STORE_ADD_NEWER. However, if an older certificate is replaced, the properties of the older certificate are incorporated into the replacement certificate.

CERT_STORE_ADD_REPLACE_EXISTING_INHERIT_PROPERTIES

If a matching certificate exists in the store, the existing context is deleted before creating and adding the new context. The new added context inherits properties from the existing certificate.

dwFlags

[in] Reserved for future use and must be set to zero.

dwContextTypeFlags

[in] Specifies the contexts that can be added.

The following table shows context type flags that are currently defined.

Context type flag Description

CERT_STORE_ALL_CONTEXT_FLAG

Adds any context.

CERT_STORE_CERTIFICATE_CONTEXT_FLAG

Adds only a certificate context.

pdwContextType

[out] Optional. Pointer to the context type of the added serialized element. If the value of this parameter is NULL, the calling application does not require the context type.

The CERT_STORE_CERTIFICATE_CONTEXT context type indicates a certificate.

ppvContext

[out] Optional. Pointer to a pointer to the decoded certificate context. If the value of this parameter is NULL, the calling application does not require the context of the added or existing certificate.

If ppvContextis not NULL, it must be the address of a pointer to a CERT_CONTEXTstructure. When the application is finished with the context, the context must be freed by using the CertFreeCertificateContextfunction for a certificate.

Return Value

If the function succeeds, the return value is TRUE.

If the function fails, the return value is FALSE.

For extended error information, call the GetLastErrorfunction. The following table shows some possible error codes.

Error value Description

CRYPT_E_EXISTS

If the dwAddDispositionparameter is set to CERT_STORE_ADD_NEW, the certificate already exists in the store.

E_INVALIDARG

An invalid disposition value was specified in the dwAddDispositionparameter.

Remarks

The Windows Embedded CE version of this function does not support CRL and CTL flags. The desktop operating system supports the following flags that Windows Embedded CE does not support:

CERT_STORE_CRL_CONTEXT

CERT_STORE_CRL_CONTEXT_FLAG

Requirements

Header wincrypt.h
Library crypt32.lib
Windows Embedded CE Windows CE 3.0 and later
Windows Mobile Windows Mobile Version 5.0 and later

See Also