Function CertificateSelect() Professional

The function CertificateSelect() selects a server and/or client certificate from a certificate store or invalidates a previous selection for the current thread. In addition, the selected certificate is inherited by a threadcreated by the current thread.

The certificate must be specified via the subject name, the name of the certificate store, and the location the store resides in. A certificate store can exist either in the user or in the machine context. The user context contains certificates for the current user, whereas certificates in the machine context are valid for the local machine.

If the <cSubject> parameter contains a "server:" prefix, a certificate for server authentication is selected. If the prefix "client:" is used, a client certificate is selected instead. When no prefix is specified in the <cSubject> parameter, the function tries to select both a client and a server certificate and returns success if at least one certificate type is selected.

// Select the server certificate having the subject "Alaska Software" 
CertificateSelect( "server:Alaska Software" ) 

If the CertificateSelect() function is executed without parameters, an existing selection of certificates is invalidated. To invalidate only the server or client certificate on the thread, the character string "server:" or "client:" can be passed in the first parameter without specifying a subject.

// Invalidating the selection of a server certificate 
CertificateSelect( "server:" ) 

// Invalidating the selection of a server and client certificate 
CertificateSelect() 

Before a certificate is loaded from the certificate store, an invalidation of a previously selected server and/or client certificate is performed on the thread. So if the function returns false (.F.), then no server and/or client certificate is selected on the thread.

After a certificate has been selected via CertificateSelect(), the certificate is used by SocketNegotiateSSL() for negotiating SSL connections.