Defines additional options for building a certificate chain.

Namespace: LLCryptoLib.Security.Certificates
Assembly: LLCryptoLib (in LLCryptoLib.dll) Version: 2.0.1024.0 (2.0.1024)

Syntax

C#
public enum CertificateChainOptions
Visual Basic
Public Enumeration CertificateChainOptions
Visual C++
public enum class CertificateChainOptions

Members

Member nameValueDescription
Default0The default chain options
RevocationCheckEndCert268435456Revocation checking is done on the end certificate and only the end certificate.
RevocationCheckChain536870912Revocation checking is done on all of the certificates in every chain.
RevocationCheckChainExcludeRoot1073741824Revocation checking in done on all certificates in all of the chains except the root certificate.
RevocationCacheEndCert1When this flag is set, the end certificate is cached, which might speed up the chain-building process. By default, the end certificate is not cached and it would need to be verified each time a chain is built for it.
RevocationCheckCacheOnly-2147483648Revocation checking only accesses cached URLs and does not hit the wire to do any revocation URL retrieval. Supported on Windows Me, Windows 2000 and later.
CacheOnlyUrlRetrieval4Uses only cached URLs in building a certificate chain. The Internet and Intranet are not searched for URL-based objects. Note, not applicable to revocation checking. Set CERT_CHAIN_REVOCATION_CHECK_CACHE_ONLY to use only cached URLs for revocation checking.
DisablePass1QualityFiltering64For performance reasons, the second pass of chain building only considers potential chain paths that have quality greater than or equal to the highest quality determined during the first pass. The first pass only considers valid signature, complete chain and trusted roots to calculate chain quality. This flag can be set to disable this optimization and consider all potential chain paths during the second pass.
ReturnLowerQualityContexts128The default is to return only the highest quality chain path. Setting this flag will return the lower quality chains. These are returned in the chain context's cLowerQualityChainContext and rgpLowerQualityChainContext fields.
DisableAuthRootAutoUpdate256Setting this flag inhibits the auto update of third party roots from the Windows Update Web Server.

See Also