| -api-id | -api-type |
|---|---|
M:Windows.Security.Cryptography.Certificates.CertificateEnrollmentManager.CreateRequestAsync(Windows.Security.Cryptography.Certificates.CertificateRequestProperties) |
winrt method |
Asynchronously creates a PKCS #10 certificate request based on properties specified in a CertificateRequestProperties object.
A CertificateRequestProperties object that contains the property values used to create the certificate request.
This method returns a string that contains the base64 encoded PKCS #10 certificate request.
Certificate enrollment can be performed in an app container. We recommend that you use the following request objects to submit the request:
- XMLHttpRequest (JavaScript)
- HttpWebRequest (C#)
- IXMLHTTPRequest (C++)
The CertificateRequestProperties object contains the following default values.
| Property | Default value |
|---|---|
| Subject | Empty string |
| KeyAlgorithmName | RSA |
| KeySize | 2048 bits |
| FriendlyName | Empty String |
| HashAlgorithmName | SHA256 |
| Exportable | Not Exportable |
| KeyUsages | Signing |
| KeyProtectionLevel | NoConsent |
| KeyStorageProviderName | Microsoft Software Key Storage Provider |
While the CreateRequestAsync method creates the certificate request, you will need to submit the request to an http enrollment end point. You can then take the response from the http enrollment end point and then call the InstallCertificateAsync method to install the response.
Note
You must include the Signing value in the KeyUsages property in any CertificateRequestProperties object that you use in a call to CreateRequestAsync. If you wish to set KeyUsages to Decryption or KeyAgreement, you must also OR in Signing. Otherwise, the call to CreateRequestAsync will fail.