Re: CertIsValidCRLForCertificate

From: Vishal Agarwal[MSFT] (vishala_at_online.microsoft.com)
Date: 03/12/04


Date: Fri, 12 Mar 2004 10:00:36 -0800

Does your CRL has an IDP extension? If not, then it will return true.

This function doesn't check if the signer of the CRL is same as the issuer
of the Certificate. Is this what you are trying to verify? If so, you should
use CryptVerifyCertificateSignatureEx function.

Thanks,
Vishal[MSFT]

-- 
This posting is provided "AS IS" with no warranties, and confers no rights
"Juergen Ludyga" <juergen.ludyga@mentana_nospam_.de> wrote in message
news:%23w3ewQDCEHA.2060@TK2MSFTNGP12.phx.gbl...
> Hallo,
>
> I've to use this function, but it doesn't matter which CERT_CONTEXT and
> which CRL_CONTEXT I try, it'll alway return TRUE.
>
> <getting Cert from MY-Store, loading CRL from LDAP>
> BOOL bCert;
>
>
bCert=CertIsValidCRLForCertificate(pSignerCertFromSignature,pCRLContext,0,NU
> LL);
>
> bCert  ist allways TRUE!!!
>
> The certificate is ok, and the CRL Context also .
>
> Juergen
>
> ---
> If want to answer me, just remove _nospam_ .
>
>