HTTP_SERVICE_CONFIG_SSL_PARAM structure (http.h)
The HTTP_SERVICE_CONFIG_SSL_PARAM structure defines a record in the SSL configuration store.
Syntax
typedef struct _HTTP_SERVICE_CONFIG_SSL_PARAM {
ULONG SslHashLength;
PVOID pSslHash;
GUID AppId;
PWSTR pSslCertStoreName;
DWORD DefaultCertCheckMode;
DWORD DefaultRevocationFreshnessTime;
DWORD DefaultRevocationUrlRetrievalTimeout;
PWSTR pDefaultSslCtlIdentifier;
PWSTR pDefaultSslCtlStoreName;
DWORD DefaultFlags;
} HTTP_SERVICE_CONFIG_SSL_PARAM, *PHTTP_SERVICE_CONFIG_SSL_PARAM;
Members
SslHashLength
The size, in bytes, of the SSL hash.
pSslHash
A pointer to the SSL certificate hash.
AppId
A unique identifier of the application setting this record.
pSslCertStoreName
A pointer to a wide-character string that contains the name of the store from which the server certificate is to be read. If set to NULL, "MY" is assumed as the default name. The specified certificate store name must be present in the Local System store location.
DefaultCertCheckMode
Determines how client certificates are checked. This member can be one of the following values.
DefaultRevocationFreshnessTime
The number of seconds after which to check for an updated certificate revocation list (CRL). If this value is zero, the new CRL is updated only when the previous one expires.
DefaultRevocationUrlRetrievalTimeout
The timeout interval, in milliseconds, for an attempt to retrieve a certificate revocation list from the remote URL.
pDefaultSslCtlIdentifier
A pointer to an SSL control identifier, which enables an application to restrict the group of certificate issuers to be trusted. This group must be a subset of the certificate issuers trusted by the machine on which the application is running.
pDefaultSslCtlStoreName
The name of the store where the control identifier pointed to by pDefaultSslCtlIdentifier is stored.
DefaultFlags
A combination of zero or more of the following flag values can be combined with OR as appropriate.
| Flags | Meaning |
|---|---|
|
Enables a client certificate to be cached locally for subsequent use. |
|
Prevents SSL requests from being passed to low-level ISAPI filters. |
|
Client certificates are mapped where possible to corresponding operating-system user accounts based on the certificate mapping rules stored in Active Directory.
If this flag is set and the mapping is successful, the Token member of the HTTP_SSL_CLIENT_CERT_INFO structure is a handle to an access token. Release this token explicitly by closing the handle when the HTTP_SSL_CLIENT_CERT_INFO structure is no longer required. |
Remarks
Together with a HTTP_SERVICE_CONFIG_SSL_KEY structure, the HTTP_SERVICE_CONFIG_SSL_PARAM structure makes up the HTTP_SERVICE_CONFIG_SSL_SET structure passed to HttpSetServiceConfiguration function in the pConfigInformation parameter when the ConfigId parameter is set to HttpServiceConfigSSLCertInfo.
Together with a HTTP_SERVICE_CONFIG_SSL_CCS_KEY structure, the HTTP_SERVICE_CONFIG_SSL_PARAM structure makes up the HTTP_SERVICE_CONFIG_SSL_CCS_SET structure passed to HttpSetServiceConfiguration function in the pConfigInformation parameter when the ConfigId parameter is set to HttpServiceConfigSslCcsCertInfo.
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows Vista, Windows XP with SP2 [desktop apps only] |
| Minimum supported server | Windows Server 2003 [desktop apps only] |
| Header | http.h |
See also
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for