Function CertificateSelect() Professional

Selects the certificate for server and/or client usage.

Syntax
CertificateSelect( [<cSubject>] [, <cStoreName>] [, <cLocation>] )
Scope
thread-local
Parameters
<cSubject>
A character string with the name of the entity associated with the certificate. The subject name is case-sensitive. It defaults to the computer name.
<cStoreName>
A character string specifying the name of the certificate store. If no store name is specified, "my" is used, which corresponds to the default store.
<cLocation>
A character string which selects the location of the certificate store. This can be either "user" or "machine". If no location is passed, the machine context is used as the default.
Return

The logical value true (.T.), if a certificate is selected. Otherwise, the value false (.F.) is returned.

Description

The function CertificateSelect() selects a server and/or client certificate from a certificate store or invalidates a previous selection for the current thread. In addition, the selected certificate is inherited by a thread created by the current thread.

The certificate must be specified via the subject name, the name of the certificate store, and the location the store resides in. A certificate store can exist either in the user or in the machine context. The user context contains certificates for the current user, whereas certificates in the machine context are valid for the local machine.

If the <cSubject> parameter contains a "server:" prefix, a certificate for server authentication is selected. If the prefix "client:" is used, a client certificate is selected instead. When no prefix is specified in the <cSubject> parameter, the function tries to select both a client and a server certificate and returns success if at least one certificate type is selected.

// Select the server certificate having the subject "Alaska Software" 
CertificateSelect( "server:Alaska Software" ) 

If the CertificateSelect() function is executed without parameters, an existing selection of certificates is invalidated. To invalidate only the server or client certificate on the thread, the character string "server:" or "client:" can be passed in the first parameter without specifying a subject.

// Invalidating the selection of a server certificate 
CertificateSelect( "server:" ) 

// Invalidating the selection of a server and client certificate 
CertificateSelect() 

Before a certificate is loaded from the certificate store, an invalidation of a previously selected server and/or client certificate is performed on the thread. So if the function returns false (.F.), then no server and/or client certificate is selected on the thread.

After a certificate has been selected via CertificateSelect(), the certificate is used by SocketNegotiateSSL() for negotiating SSL connections.
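
The following is an added example, not part of the original documentation: it selects a server certificate with the "server:" prefix and an explicit store, and stops if the selection fails, since a failed call leaves the thread without a server certificate. The names RequireServerCertificate() and Main() are hypothetical, and the subject is the one used in the example above.

```xbase
// Added example: fail-closed selection of a server certificate.
// RequireServerCertificate() is a hypothetical helper, not an Xbase++ function.
FUNCTION RequireServerCertificate( cSubject )
   LOCAL lOk

   // With the "server:" prefix, .T. means a server certificate was
   // selected. Without a prefix, .T. only means that at least one of
   // the two certificate types (client or server) was selected.
   // Store name and location are passed explicitly instead of relying
   // on the defaults ("my" store, machine context).
   lOk := CertificateSelect( "server:" + cSubject, "my", "machine" )

   IF .NOT. lOk
      // The previous server selection on this thread was invalidated
      // before the lookup, so no server certificate is selected now.
      ? "No server certificate selected for subject:", cSubject
   ENDIF
RETURN lOk

PROCEDURE Main()
   // The subject name is case-sensitive.
   IF .NOT. RequireServerCertificate( "Alaska Software" )
      // Do not go on to negotiate SSL without a certificate.
      ErrorLevel( 1 )
      QUIT
   ENDIF

   // Threads created from here on inherit the selection.
   // ... accept connections and call SocketNegotiateSSL() here ...

   // Invalidate only the server certificate when the work is done.
   CertificateSelect( "server:" )
RETURN
```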
