This enumeration has a FlagsAttribute attribute that allows a bitwise combination of its member values.
[FlagsAttribute]
public enum PrivateKeyFlags<FlagsAttribute>
Public Enumeration PrivateKeyFlags[FlagsAttribute]
public enum class PrivateKeyFlags| None | 0 | This flag indicates that attestation data is not required when creating the certificate request. It also instructs the server to not add any attestation OIDs to the issued certificate. |
| RequireKeyArchival | 1 | This flag instructs the client to create a key archival certificate request. |
| AllowKeyExport | 16 | This flag instructs the client to allow other applications to copy the private key to a .pfx file at a later time. |
| RequireStrongProtection | 32 | This flag instructs the client to use additional protection for the private key. |
| RequireAlternateSignatureAlgorithm | 64 | This flag instructs the client to use an alternate signature format. |
| ReuseKeysRenewal | 128 |
This flag instructs the client to use the same key when renewing the certificate.
Windows Server 2003, Windows Server 2008, Windows Server 2008 R2 - this flag is not supported. |
| UseLegacyProvider | 256 |
This flag instructs the client to process the msPKI-RA-Application-Policies attribute.
Windows Server 2003, Windows Server 2008, Windows Server 2008 R2 - this flag is not supported. |
| TrustOnUse | 512 | This flag indicates that attestation based on the user's credentials is to be performed. |
| ValidateCert | 1,024 | This flag indicates that attestation based on the hardware certificate of the Trusted Platform Module (TPM) is to be performed. |
| ValidateKey | 2,048 | This flag indicates that attestation based on the hardware key of the TPM is to be performed. |
| AttestationPreferred | 4,096 | This flag informs the client that it SHOULD include attestation data if it is capable of doing so when creating the certificate request. It also instructs the server that attestation might or might not be completed before any certificates can be issued. |
| AttestationRequired | 8,192 | This flag informs the client that attestation data is required when creating the certificate request. It also instructs the server that attestation must be completed before any certificates can be issued. |
| AttestationWithoutPolicy | 16,384 | This flag instructs the server to not add any certificate policy OIDs to the issued certificate even though attestation SHOULD be performed. |
| HelloLogonKey | 2,097,152 | This flag indicates that the key is used for Windows Hello logon. |