Hi
Rhett Gong
//thanx for considering my problem.i m using Windows 2000 server
//in refernce to my problem to obtain credentials the above code
showed, //how i m opening the certificate store. The following code how
to get the //certificate from the store and to obtain credentials for
schannel.I am getting problem in obtaning credentials.i

/*this code is the continuation of the above code*/


#define ENCODING_TYPE (PKCS_7_ASN_ENCODING | X509_ASN_ENCODING)

TimeStamp tsExpiry;
SECURITY_STATUS Status;
CERT_RDN cert_rdn;// structure to obtain certificate using RDN
attributes
//containing structure CERT_RDN_ATTR

CERT_RDN_ATTR cert_rdn_attr;// structure for one attribute of RDN ie
//Common Name

//only one attribute of RDN is used to find certificate
cert_rdn.cRDNAttr = 1;//only one CERT_RDN_ATTR
cert_rdn.rgRDNAttr =&cert_rdn_attr;//pointer to CERT_RDN_ATTR the
//structure contains 1 attribute

const TCHAR * pszUserName=_T("SNS");//Common Name is SNS

cert_rdn_attr.pszObjId = szOID_COMMON_NAME;//go for Common Name
//attribte in RDN
cert_rdn_attr.dwValueType = CERT_RDN_ANY_TYPE;
cert_rdn_attr.Value.cbData = _tcslen(pszUserName);//length of //Common
Name

#ifdef _UNICODE
char *pszUn = new char[wcslen(pszUserName)+1];

WideCharToMultiByte(CP_ACP,0,pszUserName,-1,pszUn,wcslen(pszUserName)+1,NULL,NULL);
cert_rdn_attr.Value.pbData = (BYTE *)pszUn;
#else
cert_rdn_attr.Value.pbData = (BYTE *)pszUserName;
#endif

//search for the certificate in the certificate store

PCCERT_CONTEXT m_pCertContext;
m_pCertContext =
CertFindCertificateInStore(m_hMyCertStore,
ENCODING_TYPE,
0,//use default values
CERT_FIND_SUBJECT_ATTR,
&cert_rdn,
NULL);

#ifdef _UNICODE
delete [] pszUn;
#endif

//If the function fails and a certificate that matches the search
criteria is not //found,the return value is NULL

if(m_pCertContext == NULL &&::GetLastError()==CRYPT_E_NOT_FOUND)
{
::OutputDebugString(_T("error:"));

}

::OutputDebugString(_T("pointer to the certificate context is
available"));

SCHANNEL_CRED m_SchannelCred;

SecurityFunctionTable m_SecurityFunc;

CredHandle m_hCreds;
PCredHandle phCreds=&m_hCreds//pointer to the credential handle

ZeroMemory(&m_SchannelCred, sizeof(m_SchannelCred));

//Credentials are required by the Schannel authentication
m_SchannelCred.dwVersion = SCHANNEL_CRED_VERSION;

m_SchannelCred.cCreds = 1;//only one certificate store

m_SchannelCred.paCred = &m_pCertContext;//pointer to the pointer of
//CERT_CONTEXT structure this how the certificate enters the credential
//which is used for security context in schannel authentication

m_SchannelCred.hRootStore = m_hMyCertStore;//handle to certificate
store
m_SchannelCred.dwMinimumCipherStrength = 80;//strength of cipher

DWORD m_dwProtocol=0;//use any protocol
m_SchannelCred.grbitEnabledProtocols = m_dwProtocol;//use any protocol

m_SchannelCred.dwFlags |= SCH_CRED_NO_SYSTEM_MAPPER ;

//function, which returns a handle to the requested credentials
Status = m_SecurityFunc.AcquireCredentialsHandle(
NULL, // Nameof principal
UNISP_NAME,//schannel package
SECPKG_CRED_INBOUND,
NULL,
&m_SchannelCred,
NULL,
NULL,
phCreds
&tsExpiry);

//here i refered MSDN for returned Status and put different values of
Status //check the exact cause for error and i found the returned value
of Status is
//SEC_E_INTERNAL_ERROR
if(Status != SEC_E_OK &&Status==SEC_E_INTERNAL_ERROR)
{
::OutputDebugString(_T("error channel credentials"));

}

::OutputDebugString(_T("handle to channel credential is available"));


//Pls help me.Thanx in advance for any suggestion.