Historical Content Alert
This is a historical content for Windows NT 4.0 product and is presented for informative purposes only. All content in this directory is copyrighted and owned by Microsoft.


The acceptFilePKCS7 method accepts and processes a base64 encoded PKCS 7 (in BSTR form) containing a certificate. The BSTR is stored in a file.

The acceptFilePKCS7 method takes one parameter, a file containing the base64 encoded PKCS 7 (in BSTR form). It contains a certificate and the chain of certificates, possibly up to the root, identifying the issuer of the certificate. The certificate and the associated keys generated for it are put in the MY store. A root certificate is placed in the ROOT store and the rest of the chain of certificates are placed in the Certification Authority (CA) store. If any ROOT certificates are found in the PKCS 7, Crypt32 will notify the user that a ROOT is being added to his store. The user has the option of declining the ROOT certificate, but Certificate Enrollment Control will not fail acceptance for this reason.

The only difference between this method and the acceptPKCS7 method is that the PKCS 7 to be processed is stored in a file for acceptFilePKCS7, where as acceptPKCS7 receives the PKCS 7 to be processed directly as a BSTR parameter.

[VB] void acceptFilePKCS7 (
  BSTR wszPKCS10FileName
[C++] HRESULT acceptFilePKCS7 (
  BSTR wszPKCS10FileName  // in


[VB][C++] wszPKCS10FileName
Specifies the name of the file where the BSTR containing the base64 encoded PKCS 7.

Return Values

acceptFilePKCS7 returns nothing. However, an error will be thrown on failure.


By default the system stores MY, CA, ROOT, and REQUEST are used for storing the certificates. However the stores to use may be specified by assigning the following properties before calling this method:
RequestStoreName (a Certificate Enrollment defined system store)

Share this article: