ICertAdmin::GetRevocationReason method (certadm.h)
The GetRevocationReason method returns the reason a certificate was revoked. This method was first defined in the ICertAdmin interface.
Before you call this method, you must call the IsValidCertificate method. For more information, see Remarks.
Syntax
HRESULT GetRevocationReason(
[out] LONG *pReason
);
Parameters
[out] pReason
A pointer to a variable that will receive the revocation reason.
Return value
C++
If the method succeeds, the method returns S_OK, and the pReason parameter is set to one of the values listed in the following table.If the method fails, it returns an HRESULT value that indicates the error. For a list of common error codes, see Common HRESULT Values.
VB
Returns a value that specifies the reason the certificate was revoked. The value can be one of the following revocation reason codes (defined in Wincrypt.h).| Return code | Description |
|---|---|
|
No reason was specified for revocation. |
|
It is known or suspected that the subject's private key or other aspects of the subject validated in the certificate are compromised. |
|
It is known or suspected that the CA's private key or other aspects of the CA validated in the certificate are compromised. |
|
The subject's name or other information in the certificate has been modified but there is no cause to suspect that the private key has been compromised. |
|
The certificate has been superseded, but there is no cause to suspect that the private key has been compromised. |
|
The certificate is no longer needed for the purpose for which it was issued, but there is no cause to suspect that the private key has been compromised. |
|
The certificate has been placed on hold. |
Remarks
Before you call GetRevocationReason, call the IsValidCertificate method to retrieve the disposition of the certificate. To call GetRevocationReason, you must receive a certificate disposition CA_DISP_REVOKED from this earlier call, indicating that the certificate has been revoked. The call to IsValidCertificate establishes the identity of the certificate whose revocation reason you want to retrieve.
Administration tasks use DCOM. Code that calls this interface method as defined in an earlier version of Certadm.h will run on Windows-based servers as long as the client and the server are both running the same Windows operating system.
Examples
// The value for nDisp was set by
// a call to ICertAdmin2::IsValidCertificate.
if (CA_DISP_REVOKED == nDisp)
{
// Variable to contain revocation reason.
long nReason;
// Retrieve the revocation reason.
hr = pCertAdmin->GetRevocationReason(&nReason);
if (FAILED(hr))
{
printf("Failed GetRevocationReason [%x]\n", hr);
goto error;
}
else
printf("Revocation reason = %d\n", nReason );
}
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | None supported |
| Minimum supported server | Windows Server 2003 [desktop apps only] |
| Target Platform | Windows |
| Header | certadm.h (include Certsrv.h) |
| Library | Certidl.lib |
| DLL | Certadm.dll |
See also
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for