3.5.4.7.1 CheckIfCertificateAllowedRR Method (Opnum 3)
The CheckIfCertificateAllowedRR method validates whether the provided certificate is valid for SSTP [MS-SSTP] configuration.
-
HRESULT CheckIfCertificateAllowedRR( [in] PCWSTR adminCertName, [in, out] PSSTP_CERT_INFO_1 certSha1, [in, out] PSSTP_CERT_INFO_1 certSha256 );
adminCertName: This is a wide character string that contains the display name of the certificate.
certSha1: A pointer to SHA1 hash of the certificate. The format is as specified in section 2.2.1.2.140.
certSha256: A pointer to SHA256 hash of the certificate. The format is as specified in section 2.2.1.2.140.
At least one of these three parameters MUST have valid information, which means the caller can pass the display name, SHA1 hash, or SHA256 hash of the certificate whose validity is being checked. If the method call is successful and certificate details passed match the configuration, details of the certificate configured are returned in certSha1 and certSha256.
Return Values: The server MUST return zero if it successfully processes the message. If processing fails, the server MUST return a nonzero HRESULT error code as defined in the [MS-DTYP] section 2.2.18, between 0x80000000 and 0xFFFFFFFF, as specified in [MS-ERREF] section 2.1. For protocol purposes, all nonzero values MUST be treated as equivalent failures.
When processing this call, the RRASM server MUST do the following:
§ Call the abstract interface Invoke REMRAS method specifying the operation and the parameters to enable the RRAS server to perform the required management task.
§ Return any error status the RRAS server returns. Otherwise, return ERROR_SUCCESS.
No exceptions are thrown beyond those thrown by the underlying RPC protocol [MS-RPCE].