IChain2::Status property
[CAPICOM is a 32-bit only component that is available for use in the following operating systems: Windows Server 2008, Windows Vista, and Windows XP. Instead, use the X509Chain Class in the System.Security.Cryptography.X509Certificates namespace.]
The Status property retrieves the validity status of the chain or a specific certificate in the chain.
Syntax
Chain.Status( _
ByVal Index _
) As Long
Property value
A LONG value that represents the validity status indicator of the chain or the specified certificate. The following table shows the possible values. This property will contain zero if the chain or specified certificate is valid. Otherwise, this property will contain a combination of one or more of the following values.
CAPICOM_TRUST_IS_NOT_TIME_VALID (&H00000001)
This certificate or one of the certificates in the certificate chain is not time valid.
CAPICOM_TRUST_IS_NOT_TIME_NESTED (&H00000002)
Certificates in the chain are not properly time nested.
CAPICOM_TRUST_IS_REVOKED (&H00000004)
Trust for this certificate or one of the certificates in the certificate chain has been revoked.
CAPICOM_TRUST_IS_NOT_SIGNATURE_VALID (&H00000008)
The certificate or one of the certificates in the certificate chain does not have a valid signature.
CAPICOM_TRUST_IS_NOT_VALID_FOR_USAGE (&H00000010)
The certificate or certificate chain is not valid for its proposed usage.
CAPICOM_TRUST_IS_UNTRUSTED_ROOT (&H00000020)
The certificate or certificate chain is based on an untrusted root.
CAPICOM_TRUST_REVOCATION_STATUS_UNKNOWN (&H00000040)
The revocation status of the certificate or one of the certificates in the certificate chain is unknown.
CAPICOM_TRUST_IS_CYCLIC (&H00000080)
One of the certificates in the chain was issued by a certification authority that the original certificate had certified.
CAPICOM_TRUST_INVALID_EXTENSION (&H00000100)
One of the certificates has an extension that is not valid.
CAPICOM_TRUST_INVALID_POLICY_CONSTRAINTS (&H00000200)
The certificate or one of the certificates in the certificate chain has a policy constraints extension, and one of the issued certificates has a disallowed policy mapping extension or does not have a required issuance policies extension.
CAPICOM_TRUST_INVALID_BASIC_CONSTRAINTS (&H00000400)
The certificate or one of the certificates in the certificate chain has a basic constraints extension, and either the certificate cannot be used to issue other certificates, or the chain path length has been exceeded.
CAPICOM_TRUST_INVALID_NAME_CONSTRAINTS (&H00000800)
The certificate or one of the certificates in the certificate chain has a name constraints extension that is not valid.
CAPICOM_TRUST_HAS_NOT_SUPPORTED_NAME_CONSTRAINT (&H00001000)
The certificate or one of the certificates in the certificate chain has a name constraints extension that contains unsupported fields. The minimum and maximum fields are not supported. Thus minimum must always be zero and maximum must always be absent. Only UPN is supported for an Other Name. The following alternative name choices are not supported:
- X400 Address
- EDI Party Name
- Registered Id
CAPICOM_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT (&H00002000)
The certificate or one of the certificates in the certificate chain has a name constraints extension, and a name constraint is missing for one of the name choices in the end certificate.
CAPICOM_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT (&H00004000)
The certificate or one of the certificates in the certificate chain has a name constraints extension, and there is not a permitted name constraint for one of the name choices in the end certificate.
CAPICOM_TRUST_HAS_EXCLUDED_NAME_CONSTRAINT (&H00008000)
The certificate or one of the certificates in the certificate chain has a name constraints extension, and one of the name choices in the end certificate is explicitly excluded.
CAPICOM_TRUST_IS_OFFLINE_REVOCATION (&H01000000)
The revocation status of the certificate or one of the certificates in the certificate chain is either offline or stale.
CAPICOM_TRUST_NO_ISSUANCE_CHAIN_POLICY (&H02000000)
The end certificate does not have any resultant issuance policies, and one of the issuing CA certificates has a policy constraints extension requiring it.
CAPICOM_TRUST_IS_PARTIAL_CHAIN (&H00010000)
The certificate chain is not compete.
CAPICOM_TRUST_CTL_IS_NOT_TIME_VALID (&H00020000)
A CTL used to create this chain was not time valid.
CAPICOM_TRUST_CTL_IS_NOT_SIGNATURE_VALID (&H00040000)
A CTL used to create this chain did not have a valid signature.
CAPICOM_TRUST_CTL_IS_NOT_VALID_FOR_USAGE (&H00080000)
A CTL used to create this chain is not valid for this usage.
Requirements
| Requirement | Value |
|---|---|
| End of client support |
Windows Vista |
| End of server support |
Windows Server 2008 |
| Redistributable |
CAPICOM 2.0 or later on Windows Server 2003 and Windows XP |
| DLL |
|
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for