Chain object

[CAPICOM is a 32-bit only component that is available for use in the following operating systems: Windows Server 2008, Windows Vista, and Windows XP. Instead, use the X509Chain Class in the System.Security.Cryptography.X509Certificates namespace.]

The Chain object represents a certificate trust chain.

This object provides properties and methods to build a certificate trust chain to check the validity of certificates. The chain is built using the CertificateStatus.CheckFlag property value and the policy settings of a CertificateStatus object.

The Chain object exposes the following interfaces:

  • IChain2: Introduced in CAPICOM 2.0.
  • IChain: Introduced in CAPICOM 1.0.

When to use

The Chain object is used to perform the following tasks:

  • Build a certificate trust chain.
  • Obtain the OIDs of all the certificate and application policies valid for the chain.
  • Verify the status of the certificates in the chain.
  • Obtain extended error information.
  • Retrieve the collection of certificates in the chain.

Members

The Chain object has these types of members:

Methods

The Chain object has these methods.

Method Description
ApplicationPolicies Returns an OIDs collection that represents the application policy OIDs valid for the chain.
(Inherited from ChainIChain2)
Build Builds a certificate verification chain from an end certificate to the trusted root certificate, returning a Boolean value that indicates the overall validity of the chain.
(Inherited from ChainIChain2IChain)
CertificatePolicies Returns an OIDs collection that represents the certificate policy OIDs valid for the chain.
(Inherited from ChainIChain2)
ExtendedErrorInfo Returns a string that contains additional error information about the indexed entry.
(Inherited from ChainIChain2)

 

Properties

The Chain object has these properties.

Property Access type Description
Certificates
Read-only
Retrieves a Certificates collection that represents the certificates in the chain. This is the default property.
(Inherited from ChainIChain2IChain)
Status
Read-only
Retrieves the validity status of the chain or a specific certificate in the chain.
(Inherited from ChainIChain2IChain)

 

Remarks

The Chain object can be created, and it is safe for scripting. The ProgID for the Chain object is "CAPICOM.Chain.2".

CAPICOM 1.x: The ProgID for the Chain object is CAPICOM.Chain.1.

Requirements

Requirement Value
End of client support
Windows Vista
End of server support
Windows Server 2008
Redistributable
CAPICOM 2.0 or later on Windows Server 2003 and Windows XP
DLL
Capicom.dll

See also

Cryptography Objects