SSL_F12_EXTRA_CERT_CHAIN_POLICY_STATUS structure

[Some information relates to pre-released product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.]

The SSL_F12_EXTRA_CERT_CHAIN_POLICY_STATUS structure checks if any certificates in the chain have weak cryptography and checks if a third party root certificate is compliant with the Microsoft Root Program requirements. An error string will be provided if either condition is not met.

Syntax


typedef struct _SSL_F12_EXTRA_CERT_CHAIN_POLICY_STATUS {
  DWORD cbSize;
  DWORD dwErrorLevel;
  DWORD dwErrorCategory;
  DWORD dwReserved;
  WCHAR wszErrorText[256];
} SSL_F12_EXTRA_CERT_CHAIN_POLICY_STATUS, *PSSL_F12_EXTRA_CERT_CHAIN_POLICY_STATUS;

Members

cbSize

DWORD value that specifies the size, in bytes, of this structure. This value must be set to a value greater than or equal to sizeof(SSL_F12_EXTRA_CERT_CHAIN_POLICY_STATUS).

dwErrorLevel

DWORD value that specifies the level of an error.

Value | Meaning
CERT_CHAIN_POLICY_SSL_F12_SUCCESS_LEVEL (0) | No certificate errors.
CERT_CHAIN_POLICY_SSL_F12_WARNING_LEVEL (1) | Certificate warning level.
CERT_CHAIN_POLICY_SSL_F12_ERROR_LEVEL (2) | Certificate error level.

dwErrorCategory

DWORD value that specifies the category of an error. Each error category has a corresponding dwErrorLevel.

Value | Meaning
CERT_CHAIN_POLICY_SSL_F12_NONE_CATEGORY (0) | No certificate errors.
CERT_CHAIN_POLICY_SSL_F12_WEAK_CRYPTO_CATEGORY (1) | Errors in this category with the dwErrorLevel: CERT_CHAIN_POLICY_SSL_F12_WARNING_LEVEL are errors associated with all other roots including enterprise. Errors in this category with the dwErrorLevel: CERT_CHAIN_POLICY_SSL_F12_ERROR_LEVEL are errors associated with the third party root certificate.
CERT_CHAIN_POLICY_SSL_F12_ROOT_PROGRAM_CATEGORY (2) | Errors in this category with the dwErrorLevel: CERT_CHAIN_POLICY_SSL_F12_WARNING_LEVEL are all errors with root program compliance failures.

dwReserved

DWORD value reserved for future use.

wszErrorText

The error string provided if any certificates in the chain have weak cryptography or if the third party root certificate is not compliant with the Microsoft Root Program requirements.
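
Example (added here, not part of the original documentation or of Wincrypt.h): one way a caller might turn the dwErrorLevel and dwErrorCategory pair into a single finding and an accept or block decision. The f12_finding enum, f12_classify, f12_should_block and the blocking policy are hypothetical names and assumptions; the numeric constants are copied from the tables above so the code also builds without the Windows headers.

```c
#include <stdint.h>

/* Values copied from the tables on this page; on Windows, Wincrypt.h
   defines them, so these fallbacks are skipped there. */
#ifndef CERT_CHAIN_POLICY_SSL_F12_SUCCESS_LEVEL
#define CERT_CHAIN_POLICY_SSL_F12_SUCCESS_LEVEL         0
#define CERT_CHAIN_POLICY_SSL_F12_WARNING_LEVEL         1
#define CERT_CHAIN_POLICY_SSL_F12_ERROR_LEVEL           2
#define CERT_CHAIN_POLICY_SSL_F12_NONE_CATEGORY         0
#define CERT_CHAIN_POLICY_SSL_F12_WEAK_CRYPTO_CATEGORY  1
#define CERT_CHAIN_POLICY_SSL_F12_ROOT_PROGRAM_CATEGORY 2
#endif

/* Hypothetical triage result; not part of the Windows API. */
typedef enum {
    F12_OK,                      /* no certificate errors */
    F12_WEAK_CRYPTO_OTHER_ROOT,  /* warning: all other roots, including enterprise */
    F12_WEAK_CRYPTO_THIRD_PARTY, /* error: third party root certificate */
    F12_ROOT_PROGRAM_FAILURE,    /* warning: root program compliance failure */
    F12_UNDOCUMENTED             /* level/category pair not listed on this page */
} f12_finding;

/* Map the (dwErrorLevel, dwErrorCategory) pair to one finding. */
f12_finding f12_classify(uint32_t level, uint32_t category)
{
    switch (category) {
    case CERT_CHAIN_POLICY_SSL_F12_NONE_CATEGORY:
        return level == CERT_CHAIN_POLICY_SSL_F12_SUCCESS_LEVEL ? F12_OK : F12_UNDOCUMENTED;
    case CERT_CHAIN_POLICY_SSL_F12_WEAK_CRYPTO_CATEGORY:
        if (level == CERT_CHAIN_POLICY_SSL_F12_WARNING_LEVEL) return F12_WEAK_CRYPTO_OTHER_ROOT;
        if (level == CERT_CHAIN_POLICY_SSL_F12_ERROR_LEVEL)   return F12_WEAK_CRYPTO_THIRD_PARTY;
        return F12_UNDOCUMENTED;
    case CERT_CHAIN_POLICY_SSL_F12_ROOT_PROGRAM_CATEGORY:
        return level == CERT_CHAIN_POLICY_SSL_F12_WARNING_LEVEL ? F12_ROOT_PROGRAM_FAILURE
                                                                : F12_UNDOCUMENTED;
    default:
        return F12_UNDOCUMENTED;
    }
}

/* Assumed policy: error-level and undocumented pairs always block (fail closed);
   warning-level findings block only when strict is nonzero. */
int f12_should_block(f12_finding f, int strict)
{
    if (f == F12_OK) return 0;
    if (f == F12_WEAK_CRYPTO_THIRD_PARTY || f == F12_UNDOCUMENTED) return 1;
    return strict != 0;
}
```

Treating pairs that the tables do not list as blocking keeps the caller from accepting a chain on the strength of a status it cannot interpret.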

Requirements

Minimum supported client: Windows 10 [desktop apps only]

Minimum supported server: Windows Server 2016 [desktop apps only]

Header: Wincrypt.h

See also

CertVerifyCertificateChainPolicy