X509RevocationFlag Enumeration

X509RevocationFlag Enumeration

 

Specifies which X509 certificates in the chain should be checked for revocation.

Namespace:   System.Security.Cryptography.X509Certificates
Assembly:  System (in System.dll)

public enum X509RevocationFlag

Member nameDescription
EndCertificateOnly

Only the end certificate is checked for revocation.

EntireChain

The entire chain of certificates is checked for revocation.

ExcludeRoot

The entire chain, except the root certificate, is checked for revocation.

Use this enumeration to specify which certificates in the chain are checked for revocation.

The following example opens the current user's personal certificate store, allows the user to select a certificate, then writes certificate and certificate chain information to the console. The output depends on the certificate you select.

//Output chain information of the selected certificate.
X509Chain ch = new X509Chain();
ch.Build (certificate);
Console.WriteLine ("Chain Information");
ch.ChainPolicy.RevocationMode = X509RevocationMode.Online;
Console.WriteLine ("Chain revocation flag: {0}", ch.ChainPolicy.RevocationFlag);
Console.WriteLine ("Chain revocation mode: {0}", ch.ChainPolicy.RevocationMode);
Console.WriteLine ("Chain verification flag: {0}", ch.ChainPolicy.VerificationFlags);
Console.WriteLine ("Chain verification time: {0}", ch.ChainPolicy.VerificationTime);
Console.WriteLine ("Chain status length: {0}", ch.ChainStatus.Length);
Console.WriteLine ("Chain application policy count: {0}", ch.ChainPolicy.ApplicationPolicy.Count);
Console.WriteLine ("Chain certificate policy count: {0} {1}", ch.ChainPolicy.CertificatePolicy.Count, Environment.NewLine);

Universal Windows Platform
Available since 10
.NET Framework
Available since 2.0
Return to top
Show:
© 2016 Microsoft