3.2.1.4.2.3 ICertRequestD::Ping (Opnum 5)

The Ping method performs a request response test (ping) to the CA.

 HRESULT Ping(
   [in, string, unique, range(1, 1536)] wchar_t const * pwszAuthority
 );

pwszAuthority: A null-terminated [UNICODE] string that MUST contain the name of the CA. The CA name MUST be the CN value in the Subject field of the CA signing certificates or its sanitized name. The sanitized names algorithm is specified in section 3.1.1.4.1.1.

Return Values: For a successful invocation, the CA MUST return 0; otherwise, the CA MUST return a nonzero value.

The processing rules for this method are as follows.

If Config_CA_Interface_Flags contains the value IF_NOREMOTEICERTREQUEST, the server SHOULD return 0x80094011 (CERTSRV_E_ENROLL_DENIED) to the client.<84>

If Config_CA_Interface_Flags contains the value IF_ENFORCEENCRYPTICERTREQUEST and the RPC_C_AUTHN_LEVEL_PKT_PRIVACY authentication level, as defined in [MS-RPCE] section 2.2.1.1.8, is not specified on the RPC connection from the client, the CA MUST refuse to establish a connection with the client by returning a nonzero error.<85>

Upon receiving this invocation, the CA MUST verify the CA name that is passed in the pwszAuthority parameter by invoking the processing rules in section 3.2.1.4.2.1.1 with the CANameString input parameter set to the CA name passed in the pwszAuthority parameter and the EmptyNameAllowed input parameter set to true. If false is returned, the CA MUST return the E_INVALIDARG (0x80070057) error code to the client.