Share via


RevocationFlags Enumeration

 

Indicates what revocation checking activities should be performed by AD FS, when configured on an X509VerificationMethod object. These flags will eventually be passed to the cryptography CertGetCertificateChain function. The RevocationFlags enumeration is part of the Federation Service’s trust policy configuration.

Namespace:   System.Web.Security.SingleSignOn
Assembly:  System.Web.Security.SingleSignOn (in System.Web.Security.SingleSignOn.dll)

Syntax

[ComVisibleAttribute(true)]
public enum RevocationFlags
[ComVisibleAttribute(true)]
public enum class RevocationFlags
[<ComVisibleAttribute(true)>]
type RevocationFlags
<ComVisibleAttribute(True)>
Public Enumeration RevocationFlags

Members

Member name Description
CheckChain

Equates to the CERT_CHAIN_REVOCATION_CHECK_CHAIN value in the CertGetCertificateChain Cryptography function. Revocation checking is done on all of the certificates in every chain.

CheckChainCacheOnly

Equates to the CERT_CHAIN_REVOCATION_CHECK_CHAIN | CERT_CHAIN_REVOCATION_CHECK_CACHE_ONLY values in the CertGetCertificateChain Cryptography function. Revocation checking is done on all of the certificates in every chain. Revocation checking only accesses cached URLs.

CheckChainExcludeRoot

Equates to the CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT value in the CertGetCertificateChain Cryptography function. Revocation checking is done on all certificates in all of the chains except the root certificate.

CheckChainExcludeRootCacheOnly

Equates to the CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT | CERT_CHAIN_REVOCATION_CHECK_CACHE_ONLY values in the CertGetCertificateChain Cryptography function. Revocation checking is done on all certificates in all of the chains except the root certificate. Revocation checking only accesses cached URLs.

CheckEndCert

Equates to the CERT_CHAIN_REVOCATION_CHECK_END_CERT value in the CertGetCertificateChain Cryptography function. Revocation checking is done on the end certificate and only the end certificate.

CheckEndCertCacheOnly

Equates to the CERT_CHAIN_REVOCATION_CHECK_END_CERT | CERT_CHAIN_REVOCATION_CHECK_CACHE_ONLY values in the CertGetCertificateChain Cryptography function. Revocation checking is done on the end certificate and only the end certificate. Revocation checking only accesses cached URLs.

None

No revocation-related flags will be passed.

Remarks

Revocation checking flags corresponding to the flags documented in the cryptography CertGetCertificateChain function. For more information on the CertGetCertificateChain function, see the topic in the MSDN library.

See Also

System.Web.Security.SingleSignOn Namespace

Return to top