CreateRequest method from IX509Enrollment

The CreateRequest method retrieves an encoded PKCS#10 certificate request.
This method uses the information provided during initialization and other properties that have been specified, creates a dummy certificate and places it in the request store.

Here is the flow: CreateRequest() forces creation of a dummy certificate and calls a method to get the private key. It checks to see if the private key exists or not. If you don't set the signing certificate then it will create a dummy certificate and won't ask for the private key. If you do set the signing certificate then you have to use one from the certificate store that has a private key.

Example:

CX509PublicKey publicKey = new CX509PublicKey();
publicKey.Initialize(oidx, key, EncodedValue, EncodingType.XCN_CRYPT_STRING_HEX);

string templateName = "User";

IX509CertificateRequestPkcs10 certificateRequestPkcs10 = new CX509CertificateRequestPkcs10();

certificateRequestPkcs10.InitializeFromPublicKey(X509CertificateEnrollmentContext.ContextUser,
publicKey, templateName);

certificateRequestPkcs10.Encode();

IX509Enrollment2 objEnroll = new CX509Enrollment();

CX509CertificateRequestCmc cmcRequest = new CX509CertificateRequestCmcClass();

cmcRequest.InitializeFromInnerRequest(certificateRequestPkcs10);

objEnroll.InitializeFromRequest(cmcRequest);

objEnroll.CreateRequest();

 

Reference: msdn.microsoft.com/en-us/library/windows/desktop/aa377869(v=vs.85).aspx