CryptoSys PKI Pro Manual

X509.CheckCertInCRL Method

Check whether an X.509 certificate has been revoked in a Certificate Revocation List (CRL).

Syntax

[C#]
public static int CheckCertInCRL(
	string certFile,
	string crlFile,
	string issuerCert,
	string dateStr
)
[VB.NET]
Public Shared Function CheckCertInCRL ( _
	certFile As String, _
	crlFile As String, _
	issuerCert As String, _
	dateStr As String _
) As Integer

Parameters

certFile
name of X.509 certificate to be checked (or base64 representation)
crlFile
name of CRL file
issuerCert
(optional) with name of X.509 certificate file for the entity that issued the CRL (or base64 representation)
dateStr
(optional) with date in ISO format (yyyy-mm-dd[Thh[:nn:ss]][Z]) on or after you wish to check for revocation. Leave empty "" for any date. The time must be in GMT (UTC, Zulu time)

Return Value

Zero if the certificate is NOT in the CRL; X509.Revoked (REVOCATION_ERROR +42) if the certificate has been revoked; otherwise a nonzero error code.

Remarks

The optional dateStr parameter allows you check whether a certificate was revoked only after the given date-time, which must be GMT (UTC). If the optional issuerCert is specified, the signature of the CRL will be checked against the key in the issuer's certificate and a SIGNATURE_ERROR will result if the signature is invalid.

See Also

VB6/C equivalent: X509_CheckCertInCRL

[Contents] [Index]

[PREV: X509.CertThumb Method...]   [Contents]   [Index]   
   [NEXT: X509.GetCertCountInP7Chain Method...]
Copyright © 2004-24 D.I. Management Services Pty Ltd. All rights reserved. Generated 2024-09-23T07:52:09Z.