IKEEXT_CERTIFICATE_CRITERIA0 structure (iketypes.h)

The IKEEXT_CERTIFICATE_CRITERIA0 structure contains a set of criteria to applied to an authentication method.

Syntax

typedef struct IKEEXT_CERTIFICATE_CRITERIA0_ {
  FWP_BYTE_BLOB     certData;
  FWP_BYTE_BLOB     certHash;
  IKEEXT_CERT_EKUS0 *eku;
  IKEEXT_CERT_NAME0 *name;
  UINT32            flags;
} IKEEXT_CERTIFICATE_CRITERIA0;

Members

certData

Type: FWP_BYTE_BLOB

X509/ASN.1 encoded name of the root certificate. Should be empty when specifying Enterprise or trusted root store config.

certHash

Type: FWP_BYTE_BLOB

16-character hexadecimal string that represents the ID, thumbprint or HASH of the end certificate.

eku

Type: IKEEXT_CERT_EKUS0*

The specific extended key usage (EKU) object identifiers (OIDs) selected for the criteria on the end certificate.

name

Type: IKEEXT_CERT_NAME0*

The name/subject selected for the criteria on the end certificate.

flags

Type: UINT32

Reserved for system use.

Remarks

The certData member refers to the encoded name of the root certificate, while the certHash, eku, and name members refer to criteria on the end certificate.

Requirements

Requirement Value
Minimum supported client Windows 8 [desktop apps only]
Minimum supported server Windows Server 2012 [desktop apps only]
Header iketypes.h

See also

FWP_BYTE_BLOB

IKEEXT_CERT_EKUS0

IKEEXT_CERT_NAME0