bstrCertificateFile
Character string that contains the name of the file that stores the digital certificate of the signer. This will be the Certificate of Signer (0400,0115). The method accepts X.509 digital certificates from files in any of the following formats:
PEM |
(usually .pem, .cer, or .crt) |
DER |
(usually .cer or .crt) |
PKCS#7 PEM |
(usually .pem) |
PKCS#7 DER |
(usually .p7b or .spc) |
PKCS#12 |
(usually .pfx or .p12) |
If more than one digital certificate is stored in the file, the first one will be used.
For the last format (PKCS#12), use the bstrPassword parameter to specify the password if the digital certificate is stored encrypted. This parameter is ignored for the rest of the formats.
The method will fail if the specified private key doesn’t match the public key of the digital certificate.