Re: Obtaining CA signature from the CRL...

From: akhare1 (akhare1_at_my-deja.com)
Date: 01/31/04 

Date: 30 Jan 2004 15:55:36 -0800

"Vishal Agarwal[MSFT]" <vishala@online.microsoft.com> wrote in message news:<OxiG6715DHA.2736@TK2MSFTNGP09.phx.gbl>...
> If you have the CRL and the CA certificate you want to verify against, you
> don't need to obtain the signature separately.
> You can call CryptVerifyCertificateSignatureEx with
> CRYPT_VERIFY_CERT_SIGN_SUBJECT_CRL as the dwSubjectType and
> CRYPT_VERIFY_CERT_SIGN_ISSUER_CERT as the IssuerType. (You will also need to
> supply appropriate pvSubject and pvIssuer).
>
> Thanks,
> Vishal[MSFT]
>
Thanks -- it worked like a charm!!!

Atul
<snip>

Relevant Pages

  • Re: CRL list
    ... If the certificate or any certificate from the same issuing CA was ... This cert will continue to verify, ... till the CRL expires. ... of the certs are valid. ...
    (microsoft.public.platformsdk.security)
  • Re: IAS CRL Configuration
    ... Essentially I am looking for how to review, control, initiate, verify ... that the CRL is being used/retreived/loaded by IAS. ... says that the CRL will be retreived when the previous one expires. ... certificate for which you want to configure expiration paramaters. ...
    (microsoft.public.internet.radius)
  • Re: How to publish crl
    ... CRL via information on the certificate that tells them where the CRL is ... > receives my digitally signed email it canīt verify the revocation of the ...
    (microsoft.public.windows.server.security)
  • CRL checking question...again
    ... framework or in WSDK) unless you call unmanaged CryptoAPI ... >how do I verify if a certificate is revoked or not ... >The certificate does not have a valid CRL Distribution ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Unable to use stunnel with tin...
    ... Looks like you got an odd version of stunnel. ... was getting the certificate written correctly. ... Next verify you can connect to the server. ...
    (comp.os.linux.setup)