CertificateStatus.CheckFlag property
[CAPICOM is a 32-bit only component that is available for use in the following operating systems: Windows Server 2008, Windows Vista, and Windows XP. Instead, use the X509ChainStatus Structure in the System.Security.Cryptography.X509Certificates namespace.]
The CheckFlag property sets or retrieves the validity check flags for a certificate.
Syntax
CertificateStatus.CheckFlag As CAPICOM_CHECK_FLAG
Property value
A value of the CAPICOM_CHECK_FLAG enumeration that describes the validity checks for the certificate. The default value is CAPICOM_CHECK_ONLINE_ALL.
CAPICOM 2.0.0.3/2.0.0.2/2.0.0.1: The default value is CAPICOM_CHECK_SIGNATURE_VALIDITY, CAPICOM_CHECK_TIME_VALIDITY, CAPICOM_CHECK_TRUSTED_ROOT, and CAPICOM_CHECK_COMPLETE_CHAIN.
CAPICOM 2.0 and earlier: The default value is CAPICOM_CHECK_SIGNATURE_VALIDITY, CAPICOM_CHECK_TIME_VALIDITY, and CAPICOM_CHECK_TRUSTED_ROOT.
The following table shows the possible values.
Value | Meaning |
---|---|
|
Checks basic constraints. Introduced in CAPICOM 2.0. |
|
Checks the complete chain. Introduced in CAPICOM 2.0. |
|
Checks name constraints. Introduced in CAPICOM 2.0. |
|
Checks nested validity. Introduced in CAPICOM 2.0. |
|
No validity checking is done. |
|
Checks offline all. Revocation checks are performed on all certificates in the chain except for the root certificate. Introduced in CAPICOM 2.0. |
|
Checks online all. Revocation checks are performed on all certificates in the chain except for the root certificate. Introduced in CAPICOM 2.0. |
|
Checks the revocation status of all certificates in the chain using only offline CRLs. |
|
Checks the revocation status of all certificates in the chain using CRLs available online. CRLs are downloaded by using the CDP extension in the certificate. If the CRL has been downloaded and has not expired, CAPICOM uses it and does not go online. If a CRL has not been downloaded or is out of date, CAPICOM goes online to attempt to download the CRL. |
|
Checks for valid signatures on all certificates in the chain. |
|
Checks the time validity of all certificates in the chain. |
|
Checks for a trusted root of the certificate chain. |
Requirements
Requirement | Value |
---|---|
End of client support |
Windows Vista |
End of server support |
Windows Server 2008 |
Redistributable |
CAPICOM 2.0 or later on Windows Server 2003 and Windows XP |
DLL |
|