3.2.1.4.2.1.3 Requesting Status Inspection
If the pb field of the pctbRequest parameter is NULL, the client has requested a status inspection of a certificate request. This section describes the rules for processing certificate status requests. If the pb field of the pctbRequest parameter is not NULL, the CA MUST process the request as a new request as specified in section 3.2.1.4.2.1.4.
The rules for processing the status inspection are as follows:
If the *pdwRequestId is 0, the CA MUST fail the request with a non-zero error.
If pwszAttributes is not NULL, the CA MUST look up the record in the request table defined in the section 3.2.1.1.1 by matching the serial number of the certificate in pwszAttributes parameter with the values in the Serial_Number column. If the lookup failed, the function MUST return the error 0x80094004 (CERTSRV_E_PROPERTY_EMPTY).
The CA MUST set the value of the pdwDisposition parameter by mapping the value of the Request_Disposition column for the located record as described in the table below. The values of the Request_Disposition column are defined in [MS-CSRA] section 3.1.1.1.1.
Request_Disposition column value
pdwDisposition value
foreign certificate
0
request denied
2
certificate issued
3
request pending
5
certificate revoked
6
request failed
Non-zero value indicating an error that is not one of the values already defined in this table
If the value of the Request_Disposition column is "certificate issued", the CA MUST return the previously issued certificate through the pctbEncodedCert parameter as specified in section 3.2.1.4.2.1.4.8.
If the value of the Request_Disposition column is "request denied", the CA SHOULD set the return value to the 0x80094014 (CERTSRV_E_ADMIN_DENIED_REQUEST).<75>