Export (0) Print
Expand All
This topic has not yet been rated - Rate this topic

X509ChainStatusFlags Enumeration

Updated: August 2010

Defines the status of an X509 chain.

This enumeration has a FlagsAttribute attribute that allows a bitwise combination of its member values.

Namespace:  System.Security.Cryptography.X509Certificates
Assembly:  System (in System.dll)
[FlagsAttribute]
public enum X509ChainStatusFlags
Member nameDescription
NoErrorSpecifies that the X509 chain has no errors.
NotTimeValidSpecifies that the X509 chain is not valid due to an invalid time value, such as a value that indicates an expired certificate.
NotTimeNestedDeprecated, this flag has no effect.
RevokedSpecifies that the X509 chain is invalid due to a revoked certificate.
NotSignatureValidSpecifies that the X509 chain is invalid due to an invalid certificate signature.
NotValidForUsageSpecifies that the key usage is not valid.
UntrustedRootSpecifies that the X509 chain is invalid due to an untrusted root certificate.
RevocationStatusUnknownSpecifies that it is not possible to determine whether the certificate has been revoked. This can be due to the certificate revocation list (CRL) being offline or unavailable.
CyclicSpecifies that the X509 chain could not be built.
InvalidExtensionSpecifies that the X509 chain is invalid due to an invalid extension.
InvalidPolicyConstraintsSpecifies that the X509 chain is invalid due to invalid policy constraints.
InvalidBasicConstraintsSpecifies that the X509 chain is invalid due to invalid basic constraints.
InvalidNameConstraintsSpecifies that the X509 chain is invalid due to invalid name constraints.
HasNotSupportedNameConstraintSpecifies that the certificate does not have a supported name constraint or has a name constraint that is unsupported.
HasNotDefinedNameConstraintSpecifies that the certificate has an undefined name constraint.
HasNotPermittedNameConstraintSpecifies that the certificate has an impermissible name constraint.
HasExcludedNameConstraintSpecifies that the X509 chain is invalid because a certificate has excluded a name constraint.
PartialChainSpecifies that the X509 chain could not be built up to the root certificate.
CtlNotTimeValidSpecifies that the certificate trust list (CTL) is not valid because of an invalid time value, such as one that indicates that the CTL has expired.
CtlNotSignatureValidSpecifies that the certificate trust list (CTL) contains an invalid signature.
CtlNotValidForUsageSpecifies that the certificate trust list (CTL) is not valid for this use.
OfflineRevocationSpecifies that the online certificate revocation list (CRL) the X509 chain relies on is currently offline.
NoIssuanceChainPolicySpecifies that there is no certificate policy extension in the certificate. This error would occur if a group policy has specified that all certificates must have a certificate policy.

This enumeration is used in conjunction with the X509ChainStatus structure and the ChainStatus property.

Windows 7, Windows Vista, Windows XP SP2, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP Starter Edition, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003, Windows Server 2000 SP4, Windows Millennium Edition, Windows 98

The .NET Framework and .NET Compact Framework do not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

.NET Framework

Supported in: 3.5, 3.0, 2.0

Date

History

Reason

August 2010

Identified NotTimeNested as deprecated.

Content bug fix.

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.