Export (0) Print
Expand All

2.2.3.162.17 Status (ValidateCert)

The Status element is a required child element of the ValidateCert element and the Certificate element in ValidateCert command responses that indicates whether one or more certificates were successfully validated.

All elements referenced in this section are defined in the ValidateCert namespace.

Command request/response

Parent elements

Child elements

Data type

Number allowed

ValidateCert command response (section 2.2.2.21)

ValidateCert (section 2.2.3.180)

Certificate (section 2.2.3.19)

None

unsignedByte ([MS-ASDTYPE] section 2.7)

1...N (required)

As a child of the ValidateCert element, the Status element indicates the success or failure of the ValidateCert command. A value of 1 indicates success, and a value of 17 indicates failure.

As a child of the Certificate element, the Status element contains a status code which indicates the results of the validation of the specific certificate. The following table lists the status codes that apply to certificate validation for the ValidateCert command (section 2.2.2.21).

Value

Meaning

Cause

Scope

Resolution

1

Success.

Server successfully completed command.

Global

None.

2

Protocol error.

Supplied protocol parameters are out of range or invalid.

Global

Fix client code.

3

The signature in the digital ID cannot be validated.

The signature in the certificate is invalid.

Item

Verify that the certificate has a valid signature.

4

The digital ID was issued by an untrusted source.

The certificate source is not trusted by the server.

Item

Contact the administrator to add the certificate to the trusted sources list if it is required.

5

The certificate chain that contains the digital ID was not created correctly.

Invalid, incorrectly formatted certificate.

Item

Verify that the certificate chain is formatted correctly.

6

The digital ID is not valid for signing email messages.

The supplied certificate is not meant to be used for signing email.

Item

Prompt the user.

7

The digital ID used to sign the message has expired or is not yet valid.

The certificate has expired.

Item

Obtain a new certificate.

8

The time periods during which the digital IDs in the certificate chain are valid are not consistent.

One or more certificates in the chain could be out of date.

Item

Get the most recent certificate chain for the certificate.

9

A digital ID in the certificate chain is used incorrectly.

The supplied certificate is not valid for what it is being used for.

Item

Obtain a new certificate.

10

Information associated with the digital ID is missing or incorrect.

The certificate format is incorrect.

Item

Obtain a new certificate.

11

A digital ID in the certificate chain is used incorrectly.

A certificate that can only be used as an end-entity is being used as a certification authority (CA) (1), or a CA that can only be used as an end-entity is being used as a certificate.

Item

Obtain the correct certificate chain.

12

The digital ID does not match the recipient's email address.

Incorrect certificate was supplied, could be malicious.

Item

Obtain the correct certificate for the user.

13

The digital ID used to sign this message has been revoked. This can indicate that the issuer of the digital ID no longer trusts the sender, the digital ID was reported stolen, or the digital ID was compromised.

The certificate has been revoked by the certification authority (CA) (1) that issued it.

Item

Obtain a new certificate.

14

The validity of the digital ID cannot be determined because the server that provides this information cannot be contacted.

The certificate revocation server is offline.

Item

Retry request after some time.

15

A digital ID in the chain has been revoked by the authority that issued it.

A certificate in the chain has been revoked.

Item

Obtain a new certificate.

16

The digital ID cannot be validated because its revocation status cannot be determined.

The signature in the certificate is invalid.

Item

Verify that the certificate has a valid signature.

17

An unknown server error has occurred.

The certificate source is not trusted by the server.

Item

Contact the administrator to add the certificate to the trusted sources list if it is necessary.

Protocol Versions

The following table specifies the protocol versions that support this element. The client indicates the protocol version being used by setting either the MS-ASProtocolVersion header, as specified in [MS-ASHTTP] section 2.2.1.1.2.4, or the Protocol version field, as specified in [MS-ASHTTP] section 2.2.1.1.1.1, in the request.

Protocol version

Element support

2.5

X

12.0

X

12.1

X

14.0

X

14.1

X

Show:
© 2014 Microsoft