CERT_TRUST_STATUS (Compact 2013)

3/28/2014

This structure contains trust information about a certificate in a certificate chain, summary trust information about a simple chain of certificates, or summary information about an array of simple chains.

Syntax

typedef struct _CERT_TRUST_STATUS {
  DWORD dwErrorStatus;
  DWORD dwInfoStatus;
} CERT_TRUST_STATUS, *PCERT_TRUST_STATUS;

Members

  • dwErrorStatus
    The following table shows error status codes that are defined for certificates and chains.

    Error status code

    Description

    CERT_TRUST_NO_ERROR

    No error found for this certificate or chain.

    CERT_TRUST_IS_NOT_TIME_VALID

    This certificate or one of the certificates in the certificate chain is not time valid.

    CERT_TRUST_IS_NOT_TIME_NESTED

    Certificates in the chain are not properly time nested.

    CERT_TRUST_IS_REVOKED

    Trust for this certificate or one of the certificates in the certificate chain has been revoked.

    CERT_TRUST_IS_NOT_SIGNATURE_VALID

    The certificate or one of the certificates in the certificate chain does not have a valid signature.

    CERT_TRUST_IS_NOT_VALID_FOR_USAGE

    The certificate or certificate chain is not valid for its proposed usage.

    CERT_TRUST_IS_UNTRUSTED_ROOT

    The certificate or certificate chain is based on an untrusted root.

    CERT_TRUST_REVOCATION_STATUS_UNKNOWN

    The revocation status of the certificate or one of the certificates in the certificate chain is unknown.

    CERT_TRUST_IS_CYCLIC

    One of the certificates in the chain was issued by a certification authority that the original certificate had certified.

    The following table shows codes that are defined for chains only.

    Error status code

    Description

    CERT_TRUST_IS_PARTIAL_CHAIN

    The certificate chain is not complete.

    CERT_TRUST_CTL_IS_NOT_TIME_VALID

    A CTL used to create this chain was not time valid.

    CERT_TRUST_CTL_IS_NOT_SIGNATURE_VALID

    A CTL used to create this chain did not have a valid signature.

    CERT_TRUST_CTL_IS_NOT_VALID_FOR_USAGE

    A CTL used to create this chain is not valid for this usage.

  • dwInfoStatus
    The following table shows information status codes that are defined.

    Information status codes

    Description

    CERT_TRUST_HAS_EXACT_MATCH_ISSUER

    An exact match issuer certificate has been found for this certificate.

    CERT_TRUST_HAS_KEY_MATCH_ISSUER

    A key match issuer certificate has been found for this certificate.

    CERT_TRUST_HAS_NAME_MATCH_ISSUER

    A name match issuer certificate has been found for this certificate.

    CERT_TRUST_IS_SELF_SIGNED

    This certificate is self-signed.

    CERT_TRUST_IS_COMPLEX_CHAIN

    The certificate chain created is a complex chain.

    The CERT_TRUST_IS_COMPLEX_CHAIN code is defined for chains only; all other codes are defined for certificates only.

Requirements

Header

wincrypt.h

See Also

Reference

Cryptography Structures
CERT_CHAIN_CONTEXT
CERT_SIMPLE_CHAIN