3.2.1.4.3.2.23 PropID = 0x00000017 (CR_PROP_ROLESEPARATIONENABLED) "Role Separated Enabled"
The client requested to know whether the role separation feature is enabled on the CA.
If the CA implements the Config_CA_Role_Separation data, the CA must return a value listed in the following table.
|
Stored value |
CA MUST return |
|---|---|
|
Role_Separation_Enabled |
1 |
|
Role_Separation_Disabled |
0 |
If the CA does not implement this data, the CA MUST return a nonzero error code. The error code SHOULD be E_INVALIDARG (0x80070057).<99>
The CA MUST return the value through the lRoleSeparationEnabled field of a CAINFO (section 2.2.2.4) structure. The CA MUST return the CAINFO (section 2.2.2.4) through a CERTTRANSBLOB (section 2.2.2.2) structure.
Marshaling rules for CERTTRANSBLOB are specified in section 2.2.2.2.