IChain2::Status property

[CAPICOM is a 32-bit only component that is available for use in the following operating systems: Windows Server 2008, Windows Vista, and Windows XP. Instead, use the X509Chain Class in the System.Security.Cryptography.X509Certificates namespace.]

The Status property retrieves the validity status of the chain or a specific certificate in the chain.

Syntax


Chain.Status( _
  ByVal Index _
) As Long

Property value

A LONG value that represents the validity status indicator of the chain or the specified certificate. The following table shows the possible values. This property will contain zero if the chain or specified certificate is valid. Otherwise, this property will contain a combination of one or more of the following values.

CAPICOM_TRUST_IS_NOT_TIME_VALID (&H00000001)

This certificate or one of the certificates in the certificate chain is not time valid.

CAPICOM_TRUST_IS_NOT_TIME_NESTED (&H00000002)

Certificates in the chain are not properly time nested.

CAPICOM_TRUST_IS_REVOKED (&H00000004)

Trust for this certificate or one of the certificates in the certificate chain has been revoked.

CAPICOM_TRUST_IS_NOT_SIGNATURE_VALID (&H00000008)

The certificate or one of the certificates in the certificate chain does not have a valid signature.

CAPICOM_TRUST_IS_NOT_VALID_FOR_USAGE (&H00000010)

The certificate or certificate chain is not valid for its proposed usage.

CAPICOM_TRUST_IS_UNTRUSTED_ROOT (&H00000020)

The certificate or certificate chain is based on an untrusted root.

CAPICOM_TRUST_REVOCATION_STATUS_UNKNOWN (&H00000040)

The revocation status of the certificate or one of the certificates in the certificate chain is unknown.

CAPICOM_TRUST_IS_CYCLIC (&H00000080)

One of the certificates in the chain was issued by a certification authority that the original certificate had certified.

CAPICOM_TRUST_INVALID_EXTENSION (&H00000100)

One of the certificates has an extension that is not valid.

CAPICOM_TRUST_INVALID_POLICY_CONSTRAINTS (&H00000200)

The certificate or one of the certificates in the certificate chain has a policy constraints extension, and one of the issued certificates has a disallowed policy mapping extension or does not have a required issuance policies extension.

CAPICOM_TRUST_INVALID_BASIC_CONSTRAINTS (&H00000400)

The certificate or one of the certificates in the certificate chain has a basic constraints extension, and either the certificate cannot be used to issue other certificates, or the chain path length has been exceeded.

CAPICOM_TRUST_INVALID_NAME_CONSTRAINTS (&H00000800)

The certificate or one of the certificates in the certificate chain has a name constraints extension that is not valid.

CAPICOM_TRUST_HAS_NOT_SUPPORTED_NAME_CONSTRAINT (&H00001000)

The certificate or one of the certificates in the certificate chain has a name constraints extension that contains unsupported fields. The minimum and maximum fields are not supported. Thus minimum must always be zero and maximum must always be absent. Only UPN is supported for an Other Name. The following alternative name choices are not supported:

  • X400 Address
  • EDI Party Name
  • Registered Id

CAPICOM_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT (&H00002000)

The certificate or one of the certificates in the certificate chain has a name constraints extension, and a name constraint is missing for one of the name choices in the end certificate.

CAPICOM_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT (&H00004000)

The certificate or one of the certificates in the certificate chain has a name constraints extension, and there is not a permitted name constraint for one of the name choices in the end certificate.

CAPICOM_TRUST_HAS_EXCLUDED_NAME_CONSTRAINT (&H00008000)

The certificate or one of the certificates in the certificate chain has a name constraints extension, and one of the name choices in the end certificate is explicitly excluded.

CAPICOM_TRUST_IS_OFFLINE_REVOCATION (&H01000000)

The revocation status of the certificate or one of the certificates in the certificate chain is either offline or stale.

CAPICOM_TRUST_NO_ISSUANCE_CHAIN_POLICY (&H02000000)

The end certificate does not have any resultant issuance policies, and one of the issuing CA certificates has a policy constraints extension requiring it.

CAPICOM_TRUST_IS_PARTIAL_CHAIN (&H00010000)

The certificate chain is not compete.

CAPICOM_TRUST_CTL_IS_NOT_TIME_VALID (&H00020000)

A CTL used to create this chain was not time valid.

CAPICOM_TRUST_CTL_IS_NOT_SIGNATURE_VALID (&H00040000)

A CTL used to create this chain did not have a valid signature.

CAPICOM_TRUST_CTL_IS_NOT_VALID_FOR_USAGE (&H00080000)

A CTL used to create this chain is not valid for this usage.

Requirements

End of client support

Windows Vista

End of server support

Windows Server 2008

Redistributable

CAPICOM 2.0 or later on Windows Server 2003 and Windows XP

DLL

Capicom.dll

 

 

Show: