2.2.1.4.2 X.509 Certificate Chain (X509 _CERTIFICATE_CHAIN)
The X.509 Certificate Chain packet contains a collection of X.509 certificates.
|
|
|
|
|
|
|
|
|
|
1 |
|
|
|
|
|
|
|
|
|
2 |
|
|
|
|
|
|
|
|
|
3 |
|
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
NumCertBlobs |
|||||||||||||||||||||||||||||||
|
CertBlobArray (variable) |
|||||||||||||||||||||||||||||||
|
... |
|||||||||||||||||||||||||||||||
|
Padding (variable) |
|||||||||||||||||||||||||||||||
|
... |
|||||||||||||||||||||||||||||||
NumCertBlobs (4 bytes): A 32-bit unsigned integer. This field specifies the number of CertBlob structures in the CertBlobArray field. The minimum value MUST be 2 (self-signed license server certificate and terminal server certificate) and the maximum value MUST be 200 (clearing house issued license server certificate chain and terminal server certificate).
CertBlobArray (variable): An array of CertBlob structures. If the license server was issued an X.509 certificate chain by the clearing house, this array contains all the certificates from that chain, in root-certificate-first order. The second-to-last element in the array is the license server certificate. The terminal server certificate is the last element in this array. If the license server certificate is self-signed, this array contains only two elements: the license server certificate and the terminal server certificate. The license server certificate is also the root certificate, if the license server certificate is self-signed.
Padding (variable): A byte array of the length 8 + 4*NumCertBlobs is appended at the end the packet.