|
Add the certificate to Windows Certificate Storage To add the certificate to the Windows certificate storage, you need to do the following:
Note that at the moment PhysicalStores and StorageType properties are not taken into account when the certificate is added. When calling Add method, you need to specify the name of the system store, when adding the certificate. Also you can specify whether the private key is imported. If it is, you can specify whether the key is exportable and protected. The exportable key can be exported from the storage by the user or programmatically. Non-exportable keys are more secure (as the third-party can't steal them), however with non-exportable keys one can only use Windows-provided cryptography operations with the key, whose (operations) list is limited comparing to SecureBlackbox. If the key is exportable, you can set it as protected. For protected keys, Windows will always notify the user via user interface, when the key is accessed. This is useful if some software attempts to silently export the key (i.e. "steal" it). Read more about system stores, Access type and other properties in the corresponding how-to article. ActiveX: some methods are included in secondary interfaces of the object. In this case you need to cast the object to the necessary interface. |
