Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
The GetCRL method instructs the CA to return the current base CRL for the current CA key.
-
HRESULT GetCRL( [in, string, unique] wchar_t const* pwszAuthority, [out, ref] CERTTRANSBLOB* pctbCRL );
pwszAuthority: See the pwszAuthority definition in section 3.1.4.1.1.
pctbCRL: If the function succeeds, this method MUST return a CERTTRANSBLOB structure that contains the ASN.1 DER (as specified in [X660] and [X690]) encoded CRL (CRLRawCRL) for the CA server's current signing certificate.
The GetCRL method instructs the CA to return the recent base CRL, which is signed with the current CA key to the caller. If a CRL cannot be found, the CA MUST return ERROR_FILE_NOT_FOUND, as specified in [MS-ERREF].<45>
If both Config_CRLPartition_Enabled and Config_CRLPartition_PartitionZero_Exclusive are set to TRUE, the CA MUST return E_INVALIDARG, as specified in [MS-ERREF].