3.1.4.1.7 ICertAdminD::GetCRL (Opnum 9)
The GetCRL method instructs the CA to return the current base CRL for the current CA key.
-
HRESULT GetCRL( [in, string, unique] wchar_t const* pwszAuthority, [out, ref] CERTTRANSBLOB* pctbCRL );
pwszAuthority: See the pwszAuthority definition in section 3.1.4.1.1.
pctbCRL: If the function succeeds, this method MUST return a CERTTRANSBLOB structure that contains the ASN.1 DER (as specified in [X660] and [X690]) encoded CRL (CRLRawCRL) for the CA server's current signing certificate.
The GetCRL method instructs the CA to return the recent base CRL, which is signed with the current CA key to the caller. If a CRL cannot be found, the CA MUST return ERROR_FILE_NOT_FOUND, as specified in [MS-ERREF].<35>