X509ChainStatusFlags Enum
Definition
Defines the status of an X509 chain.
This enumeration has a FlagsAttribute attribute that allows a bitwise combination of its member values.
public enum class X509ChainStatusFlags[System.Flags]
public enum X509ChainStatusFlags[<System.Flags>]
type X509ChainStatusFlags = Public Enum X509ChainStatusFlags- Inheritance
- Attributes
Fields
| CtlNotSignatureValid | 262144 | Specifies that the certificate trust list (CTL) contains an invalid signature. |
| CtlNotTimeValid | 131072 | Specifies that the certificate trust list (CTL) is not valid because of an invalid time value, such as one that indicates that the CTL has expired. |
| CtlNotValidForUsage | 524288 | Specifies that the certificate trust list (CTL) is not valid for this use. |
| Cyclic | 128 | Specifies that the X509 chain could not be built. |
| ExplicitDistrust | 67108864 | Specifies that the certificate is explicitly distrusted. |
| HasExcludedNameConstraint | 32768 | Specifies that the X509 chain is invalid because a certificate has excluded a name constraint. |
| HasNotDefinedNameConstraint | 8192 | Specifies that the certificate has an undefined name constraint. |
| HasNotPermittedNameConstraint | 16384 | Specifies that the certificate has an impermissible name constraint. |
| HasNotSupportedCriticalExtension | 134217728 | Specifies that the certificate does not support a critical extension. |
| HasNotSupportedNameConstraint | 4096 | Specifies that the certificate does not have a supported name constraint or has a name constraint that is unsupported. |
| HasWeakSignature | 1048576 | Specifies that the certificate has not been strong signed. Typically, this indicates that the MD2 or MD5 hashing algorithms were used to create a hash of the certificate. |
| InvalidBasicConstraints | 1024 | Specifies that the X509 chain is invalid due to invalid basic constraints. |
| InvalidExtension | 256 | Specifies that the X509 chain is invalid due to an invalid extension. |
| InvalidNameConstraints | 2048 | Specifies that the X509 chain is invalid due to invalid name constraints. |
| InvalidPolicyConstraints | 512 | Specifies that the X509 chain is invalid due to invalid policy constraints. |
| NoError | 0 | Specifies that the X509 chain has no errors. |
| NoIssuanceChainPolicy | 33554432 | Specifies that there is no certificate policy extension in the certificate. This error would occur if a group policy has specified that all certificates must have a certificate policy. |
| NotSignatureValid | 8 | Specifies that the X509 chain is invalid due to an invalid certificate signature. |
| NotTimeNested | 2 | Deprecated. Specifies that the CA (certificate authority) certificate and the issued certificate have validity periods that are not nested. For example, the CA cert can be valid from January 1 to December 1 and the issued certificate from January 2 to December 2, which would mean the validity periods are not nested. |
| NotTimeValid | 1 | Specifies that the X509 chain is not valid due to an invalid time value, such as a value that indicates an expired certificate. |
| NotValidForUsage | 16 | Specifies that the key usage is not valid. |
| OfflineRevocation | 16777216 | Specifies that the online certificate revocation list (CRL) the X509 chain relies on is currently offline. |
| PartialChain | 65536 | Specifies that the X509 chain could not be built up to the root certificate. |
| RevocationStatusUnknown | 64 | Specifies that it is not possible to determine whether the certificate has been revoked. This can be due to the certificate revocation list (CRL) being offline or unavailable. |
| Revoked | 4 | Specifies that the X509 chain is invalid due to a revoked certificate. |
| UntrustedRoot | 32 | Specifies that the X509 chain is invalid due to an untrusted root certificate. |
Remarks
This enumeration is used in conjunction with the X509ChainStatus structure and the ChainStatus property.
The flags ExplicitDistrust, HasNotSupportedCriticalExtension and HasWeakSignature were introduced with the .NET Framework 4.6.1.