What it is
CryptoAPI (CAPI) is an application programming interface that enables application developers to add authentication, encoding, and encryption to Windows-based applications.
Microsoft is slowly leaving CAPI in favour of CNG. We have seen it happen in outlook.exe and in some .Net Framework scenarios from version 4.7.2.
Developing with CAPI
# Avoid working with cards
# Avoid working with containers
# Avoid working with labels
# Avoid working with keys
Just go for the certificates in Mystore
You cannot see who's taking care of your certificates in Mystore via the certificate snap-in:
To find out what CSPs handling your certificates in Mystore type:
certutil -store -user MY
In this case we can see that the certificate in the picture above is registered by "Net iD - CSP":