Re: Access to CRLs used during chain building

From: Kelvin Yiu [MS] (kelviny_at_online.microsoft.com)
Date: 11/24/04 

Date: Tue, 23 Nov 2004 19:50:13 -0800

There is no way to use CAPICOM to access the CRLs used to validate the
chain. You must call the Win32 API (as Vishal suggested) to build the chain. 

-- 
Kelvin Yiu [MS]
This posting is provided "AS IS" with no warranties, and confers no rights
"Vishal Agarwal[MSFT]" <vishala@online.microsoft.com> wrote in message 
news:ukRLXUszEHA.4004@tk2msftngp13.phx.gbl...
> If you do CertGetCertificateChain on the Certificate, the ChainContext 
> would have all the information 
> (ppChainContext->rgpChain[0]->rgpElement[0]->pRevocationInfo->pCrlInfo->pBaseCrlContext).
>
> Thanks,
> Vishal Agarwal[MSFT]
>
> -- 
> This posting is provided "AS IS" with no warranties, and confers no rights
> "Bill Brice" <BillBrice@discussions.microsoft.com> wrote in message 
> news:C2C5E018-8B71-4621-A921-9A223B75B78A@microsoft.com...
>> How can I access the CRLs that the chain engine used to check revocation 
>> on
>> each certificate in the chain.  The purpose is to be able to archive the 
>> full
>> chain and revocation data so verification can be reproduced years in the
>> future.
>>
>> For example, after using Chain.Build (CAPICOM) what the best approach to
>> archiving the CRLs used and being able to replicate the verification at a
>> later date.
>>
>> Thanks.
>> -- 
>> Bill Brice
>
>