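/// <summary>
/// Enrolls for a certificate in the current user's context, based on the
/// given template name.
/// </summary>
/// <param name="templateName">Name of the certificate template to enroll against.</param>
/// <param name="subjectName">
/// Distinguished-name string that is encoded and placed in the subject of the
/// inner PKCS#10 request.
/// </param>
/// <param name="friendlyName">Friendly name assigned to the enrolled certificate.</param>
/// <exception cref="System.ArgumentNullException">
/// <paramref name="templateName"/> or <paramref name="subjectName"/> is null.
/// </exception>
/// <exception cref="System.InvalidOperationException">
/// The innermost request produced by the template is not a PKCS#10 request.
/// </exception>
/// <remarks>
/// The subject is written into the request exactly as supplied by the caller.
/// Whether the CA accepts a requester-supplied subject is decided by the
/// template configuration, which is not visible in this listing. Callers that
/// take <paramref name="subjectName"/> from outside the process should
/// validate it before calling.
/// </remarks>
public static void EnrollCert(
    string templateName,
    string subjectName,
    string friendlyName)
{
    if (templateName == null)
    {
        throw new System.ArgumentNullException("templateName");
    }
    if (subjectName == null)
    {
        throw new System.ArgumentNullException("subjectName");
    }

    // Create the enrollment object; either CX509EnrollmentClass or
    // CX509Enrollment should work here.
    CX509Enrollment objEnroll = new CX509Enrollment();

    // Initialize the enrollment object for the user context from the template.
    objEnroll.InitializeFromTemplateName(
        X509CertificateEnrollmentContext.ContextUser,
        templateName);

    // The subject lives on the innermost PKCS#10 request, so unwrap the
    // outer request first.
    IX509CertificateRequest iRequest = objEnroll.Request;
    IX509CertificateRequest iInnerRequest =
        iRequest.GetInnerRequest(InnerRequestLevel.LevelInnermost);

    // 'as' yields null when the innermost request is not PKCS#10; fail with a
    // clear error instead of a NullReferenceException on the Subject setter.
    IX509CertificateRequestPkcs10 iRequestPkcs10 =
        iInnerRequest as IX509CertificateRequestPkcs10;
    if (iRequestPkcs10 == null)
    {
        throw new System.InvalidOperationException(
            "The innermost certificate request is not a PKCS#10 request.");
    }

    // Encode the caller-supplied name and set it as the request subject.
    CX500DistinguishedName objName = new CX500DistinguishedName();
    objName.Encode(subjectName, X500NameFlags.XCN_CERT_NAME_STR_NONE);
    iRequestPkcs10.Subject = objName;

    // Set the friendly name.
    objEnroll.CertificateFriendlyName = friendlyName;

    // Enroll for the certificate, which should install the certificate in the
    // MY store if it is successfully issued by the CA.
    objEnroll.Enroll();
}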
/// <summary>
/// Enrolls for a certificate through a policy web service and an enrollment
/// server, using the URLs, authentication types, credentials, template name
/// and context held in the instance fields.
/// </summary>
/// <returns>
/// <c>true</c> when every enrollment step completed without an exception;
/// <c>false</c> otherwise. The outcome is also written to the console.
/// </returns>
/// <remarks>
/// The policy-server and enrollment-server passwords are passed as plain
/// strings taken from instance fields; where they come from and how they are
/// protected is outside this listing.
/// NOTE(review): for username authentication the enrollment-server credential
/// is cached in the Windows vault and nothing here removes it afterwards.
/// Confirm whether cleanup is handled elsewhere.
/// </remarks>
public bool enrollWithIX509EnrollmentHelper()
{
    bool succeeded;

    try
    {
        IX509EnrollmentPolicyServer policyServer = new CX509EnrollmentPolicyWebService();
        policyServer.Initialize(
            m_strPolicyServerUrl,
            null,
            m_PolicyServerAuthType,
            true,
            m_context);

        // Sets the authentication type and credential for the policy server
        // on policyServer. Required even for Kerberos authentication.
        policyServer.SetCredential(
            0,
            m_PolicyServerAuthType,
            m_strPolicyServerUsername,
            m_strPolicyServerPassword);

        policyServer.LoadPolicy(X509EnrollmentPolicyLoadOption.LoadOptionDefault);

        IX509CertificateTemplates templates = policyServer.GetTemplates();
        IX509CertificateTemplate template = templates.get_ItemByName(m_strTemplateName);

        // Kerberos needs no cached credential; only username authentication does.
        if (m_EnrollmentServerAuthType == X509EnrollmentAuthFlags.X509AuthUsername)
        {
            IX509EnrollmentHelper helper = new CX509EnrollmentHelper();
            helper.Initialize(m_context);

            // Caches the enrollment-server credential in the Windows vault.
            helper.AddEnrollmentServer(
                m_strEnrollmentServerUrl,
                m_EnrollmentServerAuthType,
                m_strEnrollmentServerUsername,
                m_strEnrollmentServerPassword);
        }

        IX509Enrollment2 enrollment = new CX509Enrollment();
        enrollment.InitializeFromTemplate(m_context, policyServer, template);

        // Enroll() reads the cached enrollment-server credential from the
        // Windows vault.
        enrollment.Enroll();

        succeeded = true;
    }
    catch (Exception e)
    {
        succeeded = false;
        Console.WriteLine("Error: {0}", e.Message);
    }

    Console.WriteLine(
        succeeded
            ? "Certificate enrollment succeeded."
            : "Certificate enrollment failed.");

    return succeeded;
}
/// <summary>
/// Loads the enrollment policy from the configured policy web service, looks
/// up the configured template, and enrolls for a certificate against it.
/// </summary>
/// <returns>
/// <c>true</c> if enrollment completed without throwing; <c>false</c> if any
/// step threw. In both cases a status line is printed to the console.
/// </returns>
/// <remarks>
/// Usernames and passwords for both servers are read from instance fields and
/// handed to the CertEnroll objects as plain strings.
/// NOTE(review): with username authentication the enrollment-server
/// credential is stored in the Windows vault by this method and is not
/// cleared here. Verify that this is the intended lifetime.
/// </remarks>
public bool enrollWithIX509EnrollmentHelper()
{
    try
    {
        // Connect to the policy server.
        IX509EnrollmentPolicyServer objPolicyServer = new CX509EnrollmentPolicyWebService();
        objPolicyServer.Initialize(
            m_strPolicyServerUrl,
            null,
            m_PolicyServerAuthType,
            true,
            m_context);

        // Attach the policy-server authentication type and credential to
        // objPolicyServer; this is needed for Kerberos as well.
        objPolicyServer.SetCredential(
            0,
            m_PolicyServerAuthType,
            m_strPolicyServerUsername,
            m_strPolicyServerPassword);

        // Load the policy and pick the requested template by name.
        objPolicyServer.LoadPolicy(X509EnrollmentPolicyLoadOption.LoadOptionDefault);
        IX509CertificateTemplate objTemplate =
            objPolicyServer.GetTemplates().get_ItemByName(m_strTemplateName);

        // Credential caching is only required for username authentication,
        // not for Kerberos.
        bool needsCachedCredential =
            m_EnrollmentServerAuthType == X509EnrollmentAuthFlags.X509AuthUsername;
        if (needsCachedCredential)
        {
            IX509EnrollmentHelper objEnrollHelper = new CX509EnrollmentHelper();
            objEnrollHelper.Initialize(m_context);

            // Stores the enrollment-server credential in the Windows vault.
            objEnrollHelper.AddEnrollmentServer(
                m_strEnrollmentServerUrl,
                m_EnrollmentServerAuthType,
                m_strEnrollmentServerUsername,
                m_strEnrollmentServerPassword);
        }

        IX509Enrollment2 objEnroll2 = new CX509Enrollment();
        objEnroll2.InitializeFromTemplate(
            m_context,
            objPolicyServer,
            objTemplate);

        // The enrollment-server credential is read back from the Windows
        // vault during this call.
        objEnroll2.Enroll();
    }
    catch (Exception e)
    {
        Console.WriteLine("Error: {0}", e.Message);
        Console.WriteLine("Certificate enrollment failed.");
        return false;
    }

    Console.WriteLine("Certificate enrollment succeeded.");
    return true;
}