Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
The client has requested a particular backward cross certificate. The client MUST specify the required index through the PropIndex parameter.
If the CA is a root CA, the CA MUST return a non-zero error code.
If the server implements the Signing_Backward_Cross_Certificate column, it MUST return the value of this column in the row that is identified by the value of the PropIndex parameter. The CA MUST return the backward cross certificate in the X.509 format (as specified in [X660]) marshaled in a CERTTRANSBLOB structure (as specified in section 2.2.2.2.2).
If there is no value stored in the table (see section 3.2.1.1), the CA MUST return a non-zero error.
If the index provided by the client is out of range as defined in the table in section 3.2.1.4.3.2, the CA MUST return a non-zero error.
If the server does not implement the Signing_Backward_Cross_Certificate column, the server MUST return an empty CERTTRANSBLOB. Marshaling rules for CERTTRANSBLOB are specified in section 2.2.2.2.