AddCertificate
(Engine-Level Function)
Description: Returns a structure of information about a supplied X.509 certificate.
Returns: Structure
Usage: Script Only.
Function Groups: Certificates
Related to: CheckCertificateChain, FindCertificate, GetCertificateInfo, ListCertificates, MakeSelfSignedCertificate, RemoveCertificate, SetCertificateProperty
Format: AddCertificate(MachineStore, StoreName [, CertificateBlob, isPFX, PFXPassword, FriendlyName, PrivateKey])
Parameters:
MachineStore
Required Boolean. If TRUE (non-zero), attempts to add the certificate to a store in the Local Computer certificate hive. If FALSE (zero), attempts to add the certificate to a store in the Current User certificate hive.
StoreName
Required text. The name of the store to add the certificate to. If it does not exist, it will be created.
CertificateBlob
Optional. A buffer holding a DER-binary encoded certificate BLOB (binary large object) of the certificate to add.
isPFX
Optional Boolean. TRUE (non-zero) if the certificate is in Personal Information Exchange (PFX) format. FALSE if it is in DER-binary format. Default FALSE.
PFXPassword
Optional text. Only required if the certificate is in PFX format and contains a private key. This is the password used to encrypt the private key when the PFX was created.
FriendlyName
Optional text. The friendly name to be assigned to the certificate.
PrivateKey
Optional. The private key to associate with the certificate. This is only required if you need to associate a private key with the certificate and one is not provided in a PFX format CertificateBlob.
Comments:
The certificate blob may be obtained from a number of different sources. For example, it may be transmitted over a communication protocol, be the output of another certificate DAG or the contents of a certificate file (commonly .DER for DER-binary encoded certificates and .PFX for Personal Information Exchange certificates).
For .PFX encoded certificates, set the isPFX Boolean and, optionally, provide the password that was used to protect the private key when the PFX was created.
For DER-binary encoded certificates, you can provide a separate private key (stored in a VTScada crypto-key value; see Cryptographic Keys) as the PrivateKey parameter. This must match the public key contained in the certificate blob, or the attempt to add the certificate will fail.
Using AddCertificate without a certificate will attempt to create the certificate store without adding a certificate.
Example:
AddCertificate(FALSE, "NewStore");
This will create a new certificate store named "NewStore" in the current user’s certificate hive.
Thumbprint = AddCertificate(TRUE, "My", FileStream("MyCert.pfx"), TRUE, Password);
This will attempt to add the certificate and private key contained within the "MyCert.pfx" file to the local computer’s Personal certificate store. The private key in the PFX file is secured using the supplied Password. If the statement succeeds, the SHA1 thumbprint of the certificate will be returned.
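A pre-import check for the isPFX choice described above, added here as an example in Python (it is not VTScada script and not part of the VTScada documentation). It looks at the first ASN.1 headers of a file's bytes to tell a DER certificate from a PFX container, and flags PEM text, which is neither of the two formats this page names; the function names and sample bytes are assumptions made for the example.

```python
# Added example: structural pre-check only, not certificate validation.
PEM_MARKER = b"-----BEGIN "
# Constructed skeleton samples (not real certificates):
SAMPLE_DER_CERT = bytes.fromhex("3004 3002 0500")  # SEQUENCE { SEQUENCE { NULL } }
SAMPLE_PFX = bytes.fromhex("3005 020103 3000")     # SEQUENCE { INTEGER 3, SEQUENCE {} }
SAMPLE_PEM = b"-----BEGIN CERTIFICATE-----\n(base64 omitted)\n-----END CERTIFICATE-----\n"

def _read_header(buf, pos):
    """Return (tag, length, content offset); length is None for BER indefinite form."""
    if pos + 2 > len(buf):
        raise ValueError("truncated ASN.1 header")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:                 # short form: length in one byte
        return tag, first, pos
    if first == 0x80:                # indefinite length (BER)
        return tag, None, pos
    n = first & 0x7F                 # long form: next n bytes hold the length
    if n > 4 or pos + n > len(buf):
        raise ValueError("bad ASN.1 length")
    return tag, int.from_bytes(buf[pos:pos + n], "big"), pos + n

def classify_blob(blob):
    """Return 'pem', 'der-cert', 'pfx' or 'unknown' for a file's raw bytes."""
    if blob.lstrip().startswith(PEM_MARKER):
        return "pem"                 # text armour; not DER-binary
    try:
        tag, length, body = _read_header(blob, 0)
        if tag != 0x30:
            return "unknown"
        if length is not None and body + length != len(blob):
            return "unknown"         # truncated file or trailing bytes
        inner_tag, inner_len, inner_body = _read_header(blob, body)
    except ValueError:
        return "unknown"
    if inner_tag == 0x30:            # Certificate ::= SEQUENCE { tbsCertificate SEQUENCE, ... }
        return "der-cert"
    if inner_tag == 0x02 and inner_len == 1 and blob[inner_body:inner_body + 1] == b"\x03":
        return "pfx"                 # PFX ::= SEQUENCE { version INTEGER (3), ... }
    return "unknown"

def is_pfx_flag(blob):
    """Value to pass as isPFX; raises if the blob is neither DER certificate nor PFX."""
    kind = classify_blob(blob)
    if kind not in ("der-cert", "pfx"):
        raise ValueError(f"not a DER certificate or PFX: {kind}")
    return kind == "pfx"

if __name__ == "__main__":
    for name, blob in [("der", SAMPLE_DER_CERT), ("pfx", SAMPLE_PFX), ("pem", SAMPLE_PEM)]:
        print(name, classify_blob(blob))
```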