The Microsoft® Certificate Server Extension Handler is a dynamic link library (DLL) that exposes encoding routines to the policy module. Each of these routines returns a pre-encoded certificate extension to the policy module in a binary format. Here is an example written in Microsoft Visual Basic® that demonstrates how these routines can be used to encode the caInfoAccess extension, which is a complex extension with multiple parts:
In the policy module:
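    Dim CertPolicy As CCertServerPolicy
    Set CertPolicy = New CCertServerPolicy

    ' The caInfoAccess parts are passed as one "name=URL" string separated by ";"
    mycaInfoAccess = "caPolicy=ftp://www.myca.com/mycps.doc;" & _
                     "caCerts=http://www.myca.com/mycerts.crt"

    ' Hand the pre-encoded binary extension returned by the handler to the certificate
    CertPolicy.SetCertificateExtension Context, _
        Extension.caInfoAccess, _
        BINDATA, _
        EncodecaInfoAccess(mycaInfoAccess)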
In the extension handler:
    External Function EncodecaInfoAccess(attribstr : string) : binary
        // Parse input to get components of caInfoAccess
        // Encode extension using ASN.1 or CryptoAPI
        // Return encoded extension
    End Function
The Certificate Server includes a default extension handler that provides routines for encoding the most commonly used extensions and data types, such as IA5String and PrintableString, that are not among the default data types available from the policy module. The default data types are Unicode string, Long integer, and ChoiceOfTime time. Customers can modify the default extension handler to incorporate their own routines for additional types or for custom extensions that they would like to create.
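The parse-then-encode steps outlined in the extension handler above, and the IA5String encoding mentioned in the last paragraph, are sketched below as an added example in Python; it is not Certificate Server code. The function names and the SEQUENCE OF IA5String layout are assumptions for illustration, since this page does not give the real ASN.1 definition of caInfoAccess.

```python
# Added example (not Certificate Server code). The SEQUENCE OF IA5String layout
# is an assumption for illustration; the page does not give the real ASN.1
# definition of caInfoAccess.
TAG_IA5STRING = 0x16
TAG_SEQUENCE = 0x30

def der_length(n):
    """DER definite length: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def der_tlv(tag, value):
    """Tag, length, value for a single-byte tag."""
    return bytes([tag]) + der_length(len(value)) + value

def der_ia5string(text):
    """IA5String is 7-bit ASCII; reject other characters instead of mangling them."""
    try:
        raw = text.encode("ascii")
    except UnicodeEncodeError as exc:
        raise ValueError("not representable as IA5String: %r" % text) from exc
    return der_tlv(TAG_IA5STRING, raw)

def parse_attribs(attribstr):
    """Split 'name=URL;name=URL' into ordered (name, URL) pairs."""
    pairs = []
    for part in attribstr.split(";"):
        part = part.strip()
        if not part:
            continue  # tolerate a trailing ';'
        name, sep, url = part.partition("=")
        if not sep or not name.strip() or not url.strip():
            raise ValueError("malformed component: %r" % part)
        pairs.append((name.strip(), url.strip()))
    if not pairs:
        raise ValueError("no components in attribute string")
    return pairs

def encode_ca_info_access(attribstr):
    """Encode every URL as an IA5String inside one SEQUENCE (assumed layout)."""
    body = b"".join(der_ia5string(url) for _, url in parse_attribs(attribstr))
    return der_tlv(TAG_SEQUENCE, body)

# The attribute string from the policy-module example on this page.
SAMPLE = "caPolicy=ftp://www.myca.com/mycps.doc;caCerts=http://www.myca.com/mycerts.crt"

if __name__ == "__main__":
    print(encode_ca_info_access(SAMPLE).hex())
```

Rejecting malformed components and non-ASCII input in the handler keeps a bad policy-module string from being written into issued certificates as a silently truncated or mis-encoded extension.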