RevocationFlags Enumeration
Indicates what revocation checking activities should be performed by AD FS, when configured on an X509VerificationMethod object. These flags will eventually be passed to the cryptography CertGetCertificateChain function. The RevocationFlags enumeration is part of the Federation Service’s trust policy configuration.
Namespace: System.Web.Security.SingleSignOn
Assembly: System.Web.Security.SingleSignOn (in System.Web.Security.SingleSignOn.dll)
Syntax
[ComVisibleAttribute(true)]
public enum RevocationFlags
[ComVisibleAttribute(true)]
public enum class RevocationFlags
[<ComVisibleAttribute(true)>]
type RevocationFlags
<ComVisibleAttribute(True)>
Public Enumeration RevocationFlags
Members
| Member name | Description | |
|---|---|---|
| CheckChain | Equates to the CERT_CHAIN_REVOCATION_CHECK_CHAIN value in the CertGetCertificateChain Cryptography function. Revocation checking is done on all of the certificates in every chain. |
|
| CheckChainCacheOnly | Equates to the CERT_CHAIN_REVOCATION_CHECK_CHAIN | CERT_CHAIN_REVOCATION_CHECK_CACHE_ONLY values in the CertGetCertificateChain Cryptography function. Revocation checking is done on all of the certificates in every chain. Revocation checking only accesses cached URLs. |
|
| CheckChainExcludeRoot | Equates to the CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT value in the CertGetCertificateChain Cryptography function. Revocation checking is done on all certificates in all of the chains except the root certificate. |
|
| CheckChainExcludeRootCacheOnly | Equates to the CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT | CERT_CHAIN_REVOCATION_CHECK_CACHE_ONLY values in the CertGetCertificateChain Cryptography function. Revocation checking is done on all certificates in all of the chains except the root certificate. Revocation checking only accesses cached URLs. |
|
| CheckEndCert | Equates to the CERT_CHAIN_REVOCATION_CHECK_END_CERT value in the CertGetCertificateChain Cryptography function. Revocation checking is done on the end certificate and only the end certificate. |
|
| CheckEndCertCacheOnly | Equates to the CERT_CHAIN_REVOCATION_CHECK_END_CERT | CERT_CHAIN_REVOCATION_CHECK_CACHE_ONLY values in the CertGetCertificateChain Cryptography function. Revocation checking is done on the end certificate and only the end certificate. Revocation checking only accesses cached URLs. |
|
| None | No revocation-related flags will be passed. |
Remarks
Revocation checking flags corresponding to the flags documented in the cryptography CertGetCertificateChain function. For more information on the CertGetCertificateChain function, see the topic in the MSDN library.
See Also
System.Web.Security.SingleSignOn Namespace
Return to top