| UID | title | description | helpviewer_keywords | old-location | tech.root | ms.assetid | ms.date | ms.keywords | req.header | req.include-header | req.target-type | req.target-min-winverclnt | req.target-min-winversvr | req.kmdf-ver | req.umdf-ver | req.ddi-compliance | req.unicode-ansi | req.idl | req.max-support | req.namespace | req.assembly | req.type-library | req.lib | req.dll | req.irql | targetos | req.typenames | req.redist | ms.custom | f1_keywords | dev_langs | topic_type | api_type | api_location | api_name | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
NF:certenroll.IX509PrivateKey.put_SecurityDescriptor |
IX509PrivateKey::put_SecurityDescriptor (certenroll.h) |
Specifies or retrieves the security descriptor for the private key. (Put) |
|
security\ix509privatekey_securitydescriptor_property.htm |
security |
5fa1e5d8-b745-494c-a727-426084fce2a1 |
12/05/2018 |
IX509PrivateKey interface [Security],SecurityDescriptor property, IX509PrivateKey.SecurityDescriptor, IX509PrivateKey.put_SecurityDescriptor, IX509PrivateKey::SecurityDescriptor, IX509PrivateKey::get_SecurityDescriptor, IX509PrivateKey::put_SecurityDescriptor, SecurityDescriptor property [Security], SecurityDescriptor property [Security],IX509PrivateKey interface, certenroll/IX509PrivateKey::SecurityDescriptor, certenroll/IX509PrivateKey::get_SecurityDescriptor, certenroll/IX509PrivateKey::put_SecurityDescriptor, put_SecurityDescriptor, security.ix509privatekey_securitydescriptor_property |
certenroll.h |
Windows |
Windows Vista [desktop apps only] |
Windows Server 2008 [desktop apps only] |
CertEnroll.dll |
Windows |
19H1 |
|
|
|
|
|
|
The SecurityDescriptor property specifies or retrieves the security descriptor for the private key.
This property is read/write.
To use the security descriptor, you must call the ConvertStringSecurityDescriptorToSecurityDescriptor function included with the Microsoft Authorization API and specify the string returned by the GetDefaultSecurityDescriptor method.
The security descriptor is used to define access to private keys for the computer and user in the following manner:
- By default, only local administrators and services running under the LocalSystem account can access private keys associated with the computer account.
- When a CSP stores the private key of a user in an encrypted file in the user profile, it uses a security descriptor to set access permissions to the file.
If the key is not open when you specify a descriptor, the property value will be set when the key is opened.