HTTP_SSL_CLIENT_CERT_INFO structure (http.h)

The HTTP_SSL_CLIENT_CERT_INFO structure contains data about a Secure Sockets Layer (SSL) client certificate that can be used to determine whether the certificate is valid.

Syntax

typedef struct _HTTP_SSL_CLIENT_CERT_INFO {
  ULONG   CertFlags;
  ULONG   CertEncodedSize;
  PUCHAR  pCertEncoded;
  HANDLE  Token;
  BOOLEAN CertDeniedByMapper;
} HTTP_SSL_CLIENT_CERT_INFO, *PHTTP_SSL_CLIENT_CERT_INFO;

Members

CertFlags

Flags that indicate whether the certificate is valid. The possible values for this member are a SSPI Status Code returned from SSPI or one of the following flags from the dwError member of the CERT_CHAIN_POLICY_STATUS structure:

CERT_E_EXPIRED

CERT_E_UNTRUSTEDCA

CERT_E_WRONG_USAGE

CERT_E_UNTRUSTEDROOT

CERT_E_REVOKED

CERT_E_CN_NO_MATCH

CertEncodedSize

The size, in bytes, of the certificate.

pCertEncoded

A pointer to the actual certificate.

Token

A handle to an access token. If the HTTP_SERVICE_CONFIG_SSL_FLAG_USE_DS_MAPPER flag is set using the HttpSetServiceConfiguration function, and the client certificate was successfully mapped to an operating-system user account, then this member contains the handle to a valid access token. When the HTTP_SSL_CLIENT_CERT_INFO structure is no longer required, release this token explicitly by closing the handle.

CertDeniedByMapper

Reserved.

Remarks

An HTTP_SSL_CLIENT_CERT_INFO structure is pointed to by the pClientCertInfo member of the HTTP_SSL_INFO structure, and is used by the HttpReceiveClientCertificate function to return data about the client certificate through the pSslClientCertInfo parameter.

Requirements

See also

HTTP Server API Version 1.0 Structures

HTTP_SSL_INFO

HttpReceiveClientCertificate