Locating a Digital Certificate
There are 3 properties of a certificate that, combined, allow it to be globally unique:
Note: The uniqueness of the combined properties is not guaranteed. In rare circumstances, two different certificates can have the same three properties while their public and private keys are different. However, such a scenario would only complicate certificate management and, as such, should be avoided whenever possible.
When locating a certificate in the certificate store, the sSubjectName, sIssuerName and sHexSerialNumber are used to search for the certificate. Each can be specified as an empty string if it is not required in the search, but at least one is required. In a certificate store containing duplicate names, the first certificate found is the one returned and the search is completed immediately. Therefore, the more parameters specified, the better the chance of finding the desired certificate. Depending on the properties specified for the search, a search combination can be one of the following:
Example in Visual Basic
This sample program demonstrates how to search for a certificate in the
certificate store called "My", in the certificate store location called
"CurrentUser".
Create an instance of ediDocument. The ediDocument object is the top level application instance for Framework EDI (FREDI). This object is the topmost object in the object model hierarchy of FREDI. This instance is always created at the start of a program.
Dim oEdiDoc As Fredi.ediDocument
Set oEdiDoc = New Fredi.ediDocument
Specify default certificate store and location. The ediSecurities object provides the security capabilities in FREDI. This object is accessible directly from ediDocument, and its settings persist for the life of the ediDocument object. Set the default certificate store name to "My" using the DefaultCertSystemStoreName property, and set the default certificate store location to "CurrentUser" using the DefaultCertSystemStoreLocation property.
Dim oSecurities As Fredi.ediSecurities
Set oSecurities = oEdiDoc.GetSecurities
' Set the default certificate store
oSecurities.DefaultCertSystemStoreName = "My" ' Case sensitive
' Set the default certificate store location
oSecurities.DefaultCertSystemStoreLocation = "CurrentUser"
Call the GetCertificate method of the ediSecurities object. The GetCertificate method allows one to pass the three parameters to search for the certificate as follows:
' Search using the subject name only
Set oCertificate = oSecurities.GetCertificate("ABC Company", "", "")
' Search using the subject name, and issuer name
Set oCertificate = oSecurities.GetCertificate("ABC Company", "CA Issuer Ltd.", "")
' Search using the subject name, issuer name, and serial number
Set oCertificate = oSecurities.GetCertificate("ABC Company", "CA Issuer Ltd.", "08-F7-0C-79-8A-30-0A-80")
' Search using the issuer name, and serial number
Set oCertificate = oSecurities.GetCertificate("", "CA Issuer Ltd.", "08-F7-0C-79-8A-30-0A-80")
Example Program
Dim oEdiDoc As Fredi.ediDocument
Dim oSecurities As Fredi.ediSecurities
Dim oCertificate As Fredi.ediSecurityCertificate
Set oEdiDoc = New Fredi.ediDocument
Set oSecurities = oEdiDoc.GetSecurities
' Set the default certificate store
oSecurities.DefaultCertSystemStoreName = "My" ' Case sensitive
' Set the default certificate store location
oSecurities.DefaultCertSystemStoreLocation = "CurrentUser"
Set oCertificate = oSecurities.GetCertificate("ABC Company", "CA Issuer Ltd.", "")
If oCertificate Is Nothing Then
    MsgBox "Certificate not found"
Else
    ' Read back the properties of the certificate that was found
    Dim sSubjectName As String
    Dim sIssuerName As String
    Dim sHexSerialNumber As String
    Dim sFoundMsg As String
    sSubjectName = oCertificate.SubjectName
    sIssuerName = oCertificate.IssuerName
    sHexSerialNumber = oCertificate.SerialNumber
    sFoundMsg = "Certificate found. " & vbCrLf & vbCrLf
    sFoundMsg = sFoundMsg & "Subject Name: " & sSubjectName & vbCrLf
    sFoundMsg = sFoundMsg & "Issuer Name: " & sIssuerName & vbCrLf
    sFoundMsg = sFoundMsg & "Serial Number: " & sHexSerialNumber & vbCrLf
    MsgBox sFoundMsg
End If
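Because the search stops at the first match, a caller that needs one specific certificate can require all three search values and re-check the returned object before using it. The helper below is an added example, not part of the FREDI documentation or sample program; FindPinnedCertificate and NormalizeSerial are hypothetical names, and it assumes the IssuerName and SerialNumber properties return the same text that was used for the search.

```vb
' Added example: not part of the FREDI documentation or sample code.
' FindPinnedCertificate and NormalizeSerial are hypothetical helper names.
Option Explicit

' Reduce a serial number to bare upper-case hex so that
' "08-f7-0c-79" and "08 F7 0C 79" compare equal.
Private Function NormalizeSerial(ByVal sSerial As String) As String
    Dim sOut As String
    sOut = Replace(sSerial, "-", "")
    sOut = Replace(sOut, " ", "")
    sOut = Replace(sOut, ":", "")
    NormalizeSerial = UCase$(Trim$(sOut))
End Function

' Returns the certificate only when the one the store handed back carries
' the expected issuer and serial number; otherwise returns Nothing.
Public Function FindPinnedCertificate(ByVal oSecurities As Fredi.ediSecurities, _
        ByVal sSubjectName As String, ByVal sIssuerName As String, _
        ByVal sHexSerialNumber As String) As Fredi.ediSecurityCertificate

    Dim oCertificate As Fredi.ediSecurityCertificate

    Set FindPinnedCertificate = Nothing

    ' Refuse a partial search: all three properties must be supplied.
    If Len(sSubjectName) = 0 Or Len(sIssuerName) = 0 Or Len(sHexSerialNumber) = 0 Then
        Exit Function
    End If

    Set oCertificate = oSecurities.GetCertificate(sSubjectName, sIssuerName, sHexSerialNumber)
    If oCertificate Is Nothing Then Exit Function

    ' Assumption: IssuerName contains the issuer text used in the search,
    ' and SerialNumber holds the same hex digits as the search value.
    If InStr(1, oCertificate.IssuerName, sIssuerName, vbTextCompare) = 0 Then Exit Function
    If NormalizeSerial(oCertificate.SerialNumber) <> NormalizeSerial(sHexSerialNumber) Then Exit Function

    Set FindPinnedCertificate = oCertificate
End Function
```

A caller treats a Nothing result the same way the sample program treats "Certificate not found" and does not fall back to a search with fewer values.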