Returns a combination of flags indicating whether the certificate can act as a certification authority, an end-entity, or both. The following flags are defined:

&H80 (CERT_CA_SUBJECT_FLAG)
&H40 (CERT_END_ENTITY_SUBJECT_FLAG)

Returns the certificate's issuer alternative name. This property was introduced in version 2.10.

Returns a CryptoCert object representing this certificate's issuer certificate. It looks for an issuer certificate in the stores MY, CA, ROOT, TRUST, REQUEST, and ADDRESSBOOK, in this order. If no certificate can be found, of this certificate is a self-signed one, this property returns Nothing. You can use this property to reconstruct a certificate's certification path.

Returns a combination of flags designating the intended usage of this certificate's key. Currently, the following flags are defined:

&H10 (CERT_DATA_ENCIPHERMENT_KEY_USAGE)
&H80 (CERT_DIGITAL_SIGNATURE_KEY_USAGE)
&H08 (CERT_KEY_AGREEMENT_KEY_USAGE)
&H04 (CERT_KEY_CERT_SIGN_KEY_USAGE)
&H20 (CERT_KEY_ENCIPHERMENT_KEY_USAGE)
&H40 (CERT_NON_REPUDIATION_KEY_USAGE)
&H02 (CERT_OFFLINE_CRL_SIGN_KEY_USAGE)

Returns a date which marks the end of this certificate's validity period.

Returns a date which marks the beginning of this certificate's validity period.

Returns True is this certificate has an associated private key installed on this machine.

Returns a blob containing this certificate's public key in a DER-encoded form.

Returns a blob containing this certificate's CERT_PUBLIC_KEY_INFO data which contains both the public key itself and its algorithm information. The public key data returned by this property is in a format used by Privacy Enhanced Mail (PEM) and DomainKeys Identified Mail (DKIM.) This property was introduced in version 2.7.

Returns the bit size of this certificate's public key.

Returns this certificate's serial number in the form of a Hex-encoded string.

Returns this certificate's SHA1 hash value in the form of a blob object.

Returns this certificate's signature algorithm. Can be one of the following values: calgMD2, calgMD4, calgMD5 or calgSHA.

Returns this certificate's signature algorithm Object Identifier string. Can be one of the following values: "1.2.840.113549.2.2" (MD2), "1.2.840.113549.2.4" (MD4), "1.2.840.113549.2.5" (MD5) or "1.2.840.113549.1.1.5" (SHA).

Returns the certificate's subject alternative name. This property was introduced in version 2.10.

Returns this certificate's version (1, 2, or 3).

Exports the certificate to a blob in the DER-encoded X.509 format (.cer). If Base64 is True the output will be in the Base64-encoded form.

This method was introduced in version 2.5.

Usage:

Set Blob = Cert.ExportToBlob( False )

Exports the certificate to a blob in the PKCS#7 format (.spc). If IncludePath is True all certificates in the certification path will be exported to that blob as well.

Usage:

Set Blob = Cert.ExportToBlobPKCS7( True )

Exports the certificate to a file in the DER-encoded X.509 format (.cer). If Base64 is True the file will be in the Base64-encoded form.

Usage:

Cert.ExportToFile "c:\mycert.cer", False

Exports the certificate to a file in the PKCS#12 format (.pfx, or .p12) along with its private key encrypted with a user-defined Password.

Usage:

Cert.ExportToPFX "c:\mycert.pfx", "secret word"

Set a certificate's private key context to Context. This method may be useful when transferring certificates and their corresponding private keys to a different machine.

Usage:

Cert.SetPrivateKeyContext Context

Verifies this certificate's signature against IssuerCert's public key. Returns True if verification succeeds or False otherwise.

Use this method to verify that the certificate is really issued by who it claims it is.

Usage:

If Not Cert.VerifySignature( IssuerCert ) Then ...