none
XEnroll and C# - Supress all default attributes and extensions using CEnroll.createPKCS10() RRS feed

  • Question

  • When creating CSR on win 2003 server using Xenroll interop(VS 2008 + c#),can anyone tell me how to acheive similar functionality as in certenroll

    CX509Enrollment.SuppressDefaults =  true;

    Thanks In Advance

    Monday, August 8, 2011 12:34 PM

All replies

  • Hi,

    You can look over this document to map XEnroll.dll to Certenroll.dll for different types of functionality:

    http://msdn.microsoft.com/en-us/library/bb931379(VS.85).aspx


    Paul Zhou [MSFT]
    MSDN Community Support | Feedback to us
    Get or Request Code Sample from Microsoft
    Please remember to mark the replies as answers if they help and unmark them if they provide no help.

    Wednesday, August 10, 2011 6:53 AM
  • Thanks Paul.

    I referred the link but I am not able to find an equivalent of this property IX509CertificateRequest::SuppressDefaults Property in createPKCS10WStr??


    GN
    Wednesday, August 10, 2011 11:06 AM
  •  

    Hi,

     

    Xenroll implements two parallel sets of interfaces:

    ICEnroll, ICEnroll2, ICEnroll3, and ICEnroll4 were Automation-compliant and compatible with scripting languages. The corresponding interfaces—IEnroll, IEnroll2, and IEnroll4—could not be scripted but were more convenient for C++ programmers.

     

    You can find all functions and properties in the documents. CertEnroll implements a larger set of interfaces. So some functions or properties may not be implemented in Xenroll but exist in CertEnroll.dll.

     

    If the property you want to find does not exist in the documents above, it may be a new added property in CertEnroll.


    Paul Zhou [MSFT]
    MSDN Community Support | Feedback to us
    Get or Request Code Sample from Microsoft
    Please remember to mark the replies as answers if they help and unmark them if they provide no help.

    Thursday, August 11, 2011 2:43 AM
  • My goal is to remove all the attributes from IEnroll4.CreateRequest ().I tried the method IEnroll4.resetAttributes().

    The following default attributes are not removed.
    1.3.6.1.4.1.311.13.2.3 :

    1.3.6.1.4.1.311.21.20 :

    1.3.6.1.4.1.311.13.2.2 :

    Please guide how this functionality can be achieved in XEnroll.


    GN
    Thursday, August 11, 2011 7:45 AM
  • Hi,

    I am not familiar with Xenroll. If Certenroll.dll provides functions to achieve your purpose, why don't you use it instead of the Xenroll.dll. 


    Paul Zhou [MSFT]
    MSDN Community Support | Feedback to us
    Get or Request Code Sample from Microsoft
    Please remember to mark the replies as answers if they help and unmark them if they provide no help.

    Friday, August 12, 2011 2:21 AM
  • I need this functionality to run on win 2003 server..where certenroll is not supported.Need to use xenroll only.

     

    Thanks


    GN
    Friday, August 12, 2011 6:06 AM
  •  

    We're investigating on this issue, it might takes some time before get back to you. Appreciate your patience.

    Thank you for your understanding and support.


    Paul Zhou [MSFT]
    MSDN Community Support | Feedback to us
    Get or Request Code Sample from Microsoft
    Please remember to mark the replies as answers if they help and unmark them if they provide no help.

    Monday, August 15, 2011 6:06 AM
    • Proposed as answer by Paul Zhou Wednesday, August 24, 2011 5:48 AM
    Tuesday, August 16, 2011 7:14 AM
  • I am trying to create a certificate request with additional attributes using XEnroll api on XP (CertEnroll not supported), but I donot see my attributes getting added I only see default attributes: I am calling

    (1) ICEnroll4.addAttributeToRequest (to add an attribute)

    2) createPKCS10/createRequest (to create a request).

    I was able to addAttributes using CertEnroll api on Windows7/Vista. But I need to support XP also so using XEnroll api.


    Tuesday, December 13, 2011 8:19 AM