Was this page helpful?
Your feedback about this content is important. Let us know what you think.
Additional feedback?
1500 characters remaining
Export (0) Print
Expand All
Expand Minimize

RevocationFlags Enumeration

Indicates what revocation checking activities should be performed by AD FS, when configured on an X509VerificationMethod object. These flags will eventually be passed to the cryptography CertGetCertificateChain function. The RevocationFlags enumeration is part of the Federation Service’s trust policy configuration.


Namespace: System.Web.Security.SingleSignOn
Assembly: System.Web.Security.SingleSignOn (in system.web.security.singlesignon.dll)

 Member nameDescription
CheckChainEquates to the CERT_CHAIN_REVOCATION_CHECK_CHAIN value in the CertGetCertificateChain Cryptography function. Revocation checking is done on all of the certificates in every chain. 
CheckChainCacheOnlyEquates to the CERT_CHAIN_REVOCATION_CHECK_CHAIN | CERT_CHAIN_REVOCATION_CHECK_CACHE_ONLY values in the CertGetCertificateChain Cryptography function. Revocation checking is done on all of the certificates in every chain. Revocation checking only accesses cached URLs. 
CheckChainExcludeRootEquates to the CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT value in the CertGetCertificateChain Cryptography function. Revocation checking is done on all certificates in all of the chains except the root certificate. 
CheckChainExcludeRootCacheOnlyEquates to the CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT | CERT_CHAIN_REVOCATION_CHECK_CACHE_ONLY values in the CertGetCertificateChain Cryptography function. Revocation checking is done on all certificates in all of the chains except the root certificate. Revocation checking only accesses cached URLs. 
CheckEndCertEquates to the CERT_CHAIN_REVOCATION_CHECK_END_CERT value in the CertGetCertificateChain Cryptography function. Revocation checking is done on the end certificate and only the end certificate. 
CheckEndCertCacheOnlyEquates to the CERT_CHAIN_REVOCATION_CHECK_END_CERT | CERT_CHAIN_REVOCATION_CHECK_CACHE_ONLY values in the CertGetCertificateChain Cryptography function. Revocation checking is done on the end certificate and only the end certificate. Revocation checking only accesses cached URLs. 
NoneNo revocation-related flags will be passed. 

Revocation checking flags corresponding to the flags documented in the cryptography CertGetCertificateChain function. For more information on the CertGetCertificateChain function, see the topic in the MSDN library.

Development Platforms

Target Platforms

Windows Server 2008, Windows Server 2003, Windows Vista, Windows Server 2003 R2, Windows XP
Footer image

Send comments about this topic to Microsoft.

Community Additions

ADD
Show:
© 2015 Microsoft