Certificates and CryptoAPI
CryptoAPI supports using certificates as defined in the ITU-T recommendation X.509 (also, ISO/IEC 9594-8). This documentation assumes the use of an X.509 or comparable digital certificate.
An X.509 standard certificate contains the following information.
| Field | Description |
|---|---|
| Version | Version number of the certificate. |
| Serial Number | Serial number of the certificate. |
| Algorithm Identifier | Signature algorithm used by the certificate signer. |
| Issuer Name | Name of the issuer of the certificate. |
| Validity: | |
| Not Before (Date) | Date before which the certificate is not valid. |
| Not After (Date) | Date after which the certificate is not valid. |
| Subject Name | Name of the person or entity to whom the certificate is being issued. |
| Subject Public Key Info: | |
| Algorithm | Algorithm used for the public key. |
| Subject Public Key | Actual public key (a bit string). |
| Optional Fields: | |
| Issuer Unique ID | If present, version must be version 2. |
| Subject Unique ID | If present, version must be version 2. |
| Extensions | Optional field. Represents additional data that an issuer can want to add to a certificate, such as e-mail address or authorization to issue certificates. |
| If extensions are present, version must be version 3. |
See Also
Cryptography | Certificates | Enrolling for a Certificate
Last updated on Thursday, April 08, 2004
© 1992-2003 Microsoft Corporation. All rights reserved.