Re: How to create a .pfx file from cert request?

Thanks Ferrix. Your information seems to be what I need but I have run
into another problem. A few hours research did not reveal an answer
so maybe you or someone here can help.

I decided not to use the temporary store technique until after making
it work with the normal (personal) store. So I did this:

: hr = pEnroll4->acceptResponseBlob (&certBlob);
: WCHAR pw [] = L"pass";
: hr = pEnroll4->createFilePFXWStr (pw, L"c:/TestCer.pfx");

acceptResponseBlob returns ok and the certificate is installed.
createFilePFXWStr returns error:

: 0x8009000b Key not valid for use in specified state.

Thanks for any insight.

Regards, Russ

On Fri, 11 Jul 2008 19:16:21 -0400, ferrix <gbs-ms@xxxxxxxxxxxxx>

Russ wrote:

: hr = pEnroll4->acceptResponseBlob (&certBlob);

After that, I can export it into a .pfx file from IE or etc, and have
a file I can use to install the cert on another pc.

You accept the response and then call the createPFX method on the ICEnroll4.

If you don't want to "really" import it to your store during the accept,
then you can create a temporary store via CertOpenStore using
CERT_STORE_PROV_MEMORY, and set the icenroll4 to use that one by
manipulating the "MyStore*" members. Then it imports into your memory
store, you createPFX it, and then close the mem store into oblivion :)