[prev in list] [next in list] [prev in thread] [next in thread]
List: ms-cryptoapi
Subject: Re: CertVerifyCertificateChainPolicy
From: bug84 () HUSHMAIL ! COM
Date: 2001-08-21 21:40:19
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
Excellent! Thanks for the confirmation of this, Carlos.
I have dumped the certs and Test CA certs with Openssl and found that where the MS \
Cert Services inject the CRL dist points, the test certs from these vendors do not \
include the same info...
Does any one know if the purchased certs have the crl distribution points properly \
inserted in the certs? I haven't received any response from the Verisign people on \
this (yet) other than another form email and it has been a few days.
Thanks
bug
At Tue, 21 Aug 2001 14:16:28 -0700, Carlos Lopez <clopez@MICROSOFT.COM> wrote:
> The reason you are getting 0x80092012(CRYPT_E_NO_REVOCATION_CHECK) is
> because there are no CRL distribution points on these certificates.
>
> Thanks
> Carlos
>
> -----Original Message-----
> From: bug84@HUSHMAIL.COM [mailto:bug84@HUSHMAIL.COM]
> Sent: Tuesday, August 21, 2001 2:07 PM
> To: CryptoAPI@DISCUSS.MICROSOFT.COM
> Subject: CertVerifyCertificateChainPolicy
>
> Hi,
>
> I am having trouble with the CertVerifyCertificateChainPolicy() call
> in that
> it is returning 0x80092012 for the trust of baltimore, verisign and
> thawte test
> certificates.
>
> Is this just an issue for the test certs from these companies? If I
> go buy
> a cert will it pass this test.
>
> Is this just a matter of the test certs not having a CRL retrieval
> localtion
> in them?
>
> Any help would be appreciated.
>
> thanks
>
>
> ps... the 0x80092012 error means that the revokation function could not
> verify the certificate.
> Free, secure Web-based email, now OpenPGP compliant - www.hushmail.com
>
> ----------------------------------------------------------------
> Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
> contains important info. Save time, search the archives at
> http://discuss.microsoft.com/archives/index.html .
> To unsubscribe, mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM
>
> ----------------------------------------------------------------
> Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
> contains important info. Save time, search the archives at
> http://discuss.microsoft.com/archives/index.html .
> To unsubscribe, mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM
>
>
-----BEGIN PGP SIGNATURE-----
Version: Hush 2.0
wloEARECABoFAjuC1UcTHGJ1Zzg0QGh1c2htYWlsLmNvbQAKCRBBxU4wEsSpMXCmAKCm
3h6tthrD/4VhVQiiKneJerafRACeOk5j/myhoZNDguAld2/Fg8EweQU=
=uwX1
-----END PGP SIGNATURE-----
Free, secure Web-based email, now OpenPGP compliant - www.hushmail.com
----------------------------------------------------------------
Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
contains important info. Save time, search the archives at
http://discuss.microsoft.com/archives/index.html .
To unsubscribe, mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic