4.20.1 Request

The following example shows a ValidateCert command request (section 2.2.1.22) sent from the client to the server to validate certificates. The validatecert:CertificateChain element (section 2.2.3.20) contains all of the certificates in a certificate chain, and the validatecert:Certificate elements (section 2.2.3.23.2) contain the individual certificate values. The validatecert:CheckCrl element (section 2.2.3.26) is set to 1 (TRUE), indicating that the server cannot ignore an unverifiable revocation status.

 <?xml version="1.0" encoding="utf-8"?>
 <ValidateCert xmlns="ValidateCert">
   <CertificateChain>
   <!—Certificate values have been truncated for example purposes -->
     <Certificate>MIICYjCCAcugAwIBAgIUYGs8jZbX0Vxj/0CIrh8…</Certificate>
     <Certificate>MIIB8zCCAVygAwIBAgIUdhWamYEKM9eaFVFSylR…</Certificate>
     <Certificate>MIIB8zCCAVygAwIBAgIU9uwT6UARSuw1KdJmYN6…</Certificate>
     <Certificate>MIIB8zCCAVygAwIBAgIUB0959dCBM5WSLg7NuM4…</Certificate>
     <Certificate>MIIB8zCCAVygAwIBAgIUGFjVCBrvrguSaNxziWN…</Certificate>
   </CertificateChain>
   <Certificates>
     <Certificate>MIICYjCCAcugAwIBAgIUYGs8jZbX0VxjObu4nw0…</Certificate>
   </Certificates>
   <CheckCRL>1</CheckCRL>
 </ValidateCert>