Defines additional options for building a certificate chain.
Namespace: LLCryptoLib.Security.CertificatesAssembly: LLCryptoLib (in LLCryptoLib.dll) Version: 2.0.1024.0 (2.0.1024)
Syntax
C# |
---|
public enum CertificateChainOptions |
Visual Basic |
---|
Public Enumeration CertificateChainOptions |
Visual C++ |
---|
public enum class CertificateChainOptions |
Members
Member name | Value | Description | |
---|---|---|---|
Default | 0 | The default chain options | |
RevocationCheckEndCert | 268435456 | Revocation checking is done on the end certificate and only the end certificate. | |
RevocationCheckChain | 536870912 | Revocation checking is done on all of the certificates in every chain. | |
RevocationCheckChainExcludeRoot | 1073741824 | Revocation checking in done on all certificates in all of the chains except the root certificate. | |
RevocationCacheEndCert | 1 | When this flag is set, the end certificate is cached, which might speed up the chain-building process. By default, the end certificate is not cached and it would need to be verified each time a chain is built for it. | |
RevocationCheckCacheOnly | -2147483648 | Revocation checking only accesses cached URLs and does not hit the wire to do any revocation URL retrieval. Supported on Windows Me, Windows 2000 and later. | |
CacheOnlyUrlRetrieval | 4 | Uses only cached URLs in building a certificate chain. The Internet and Intranet are not searched for URL-based objects. Note, not applicable to revocation checking. Set CERT_CHAIN_REVOCATION_CHECK_CACHE_ONLY to use only cached URLs for revocation checking. | |
DisablePass1QualityFiltering | 64 | For performance reasons, the second pass of chain building only considers potential chain paths that have quality greater than or equal to the highest quality determined during the first pass. The first pass only considers valid signature, complete chain and trusted roots to calculate chain quality. This flag can be set to disable this optimization and consider all potential chain paths during the second pass. | |
ReturnLowerQualityContexts | 128 | The default is to return only the highest quality chain path. Setting this flag will return the lower quality chains. These are returned in the chain context's cLowerQualityChainContext and rgpLowerQualityChainContext fields. | |
DisableAuthRootAutoUpdate | 256 | Setting this flag inhibits the auto update of third party roots from the Windows Update Web Server. |