This documentation is archived and is not being maintained.
X509ChainStatusFlags Enumeration
Visual Studio 2008
Updated: August 2010
Defines the status of an X509 chain.
This enumeration has a FlagsAttribute attribute that allows a bitwise combination of its member values.
Namespace: System.Security.Cryptography.X509CertificatesAssembly: System (in System.dll)
| Member name | Description | |
|---|---|---|
| NoError | Specifies that the X509 chain has no errors. | |
| NotTimeValid | Specifies that the X509 chain is not valid due to an invalid time value, such as a value that indicates an expired certificate. | |
| NotTimeNested | Deprecated, this flag has no effect. | |
| Revoked | Specifies that the X509 chain is invalid due to a revoked certificate. | |
| NotSignatureValid | Specifies that the X509 chain is invalid due to an invalid certificate signature. | |
| NotValidForUsage | Specifies that the key usage is not valid. | |
| UntrustedRoot | Specifies that the X509 chain is invalid due to an untrusted root certificate. | |
| RevocationStatusUnknown | Specifies that it is not possible to determine whether the certificate has been revoked. This can be due to the certificate revocation list (CRL) being offline or unavailable. | |
| Cyclic | Specifies that the X509 chain could not be built. | |
| InvalidExtension | Specifies that the X509 chain is invalid due to an invalid extension. | |
| InvalidPolicyConstraints | Specifies that the X509 chain is invalid due to invalid policy constraints. | |
| InvalidBasicConstraints | Specifies that the X509 chain is invalid due to invalid basic constraints. | |
| InvalidNameConstraints | Specifies that the X509 chain is invalid due to invalid name constraints. | |
| HasNotSupportedNameConstraint | Specifies that the certificate does not have a supported name constraint or has a name constraint that is unsupported. | |
| HasNotDefinedNameConstraint | Specifies that the certificate has an undefined name constraint. | |
| HasNotPermittedNameConstraint | Specifies that the certificate has an impermissible name constraint. | |
| HasExcludedNameConstraint | Specifies that the X509 chain is invalid because a certificate has excluded a name constraint. | |
| PartialChain | Specifies that the X509 chain could not be built up to the root certificate. | |
| CtlNotTimeValid | Specifies that the certificate trust list (CTL) is not valid because of an invalid time value, such as one that indicates that the CTL has expired. | |
| CtlNotSignatureValid | Specifies that the certificate trust list (CTL) contains an invalid signature. | |
| CtlNotValidForUsage | Specifies that the certificate trust list (CTL) is not valid for this use. | |
| OfflineRevocation | Specifies that the online certificate revocation list (CRL) the X509 chain relies on is currently offline. | |
| NoIssuanceChainPolicy | Specifies that there is no certificate policy extension in the certificate. This error would occur if a group policy has specified that all certificates must have a certificate policy. |
This enumeration is used in conjunction with the X509ChainStatus structure and the ChainStatus property.
Windows 7, Windows Vista, Windows XP SP2, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP Starter Edition, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003, Windows Server 2000 SP4, Windows Millennium Edition, Windows 98
The .NET Framework and .NET Compact Framework do not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.
Show: