HTTPSPolicyCallbackData structure (wincrypt.h)
The SSL_EXTRA_CERT_CHAIN_POLICY_PARA structure, also identified by the name HTTPSPolicyCallbackData, holds policy information used in the verification of Secure Sockets Layer (SSL) client/server certificate chains.
Syntax
typedef struct _HTTPSPolicyCallbackData {
union {
DWORD cbStruct;
DWORD cbSize;
} DUMMYUNIONNAME;
DWORD dwAuthType;
DWORD fdwChecks;
WCHAR *pwszServerName;
} HTTPSPolicyCallbackData, *PHTTPSPolicyCallbackData, SSL_EXTRA_CERT_CHAIN_POLICY_PARA, *PSSL_EXTRA_CERT_CHAIN_POLICY_PARA;
Members
DUMMYUNIONNAME
DUMMYUNIONNAME.cbStruct
DWORD value that specifies the number of bytes in this structure.
DUMMYUNIONNAME.cbSize
DWORD value that specifies the size, in bytes, of this structure.
dwAuthType
DWORD value that specifies the type of authentication. This member can be one of the following values.
Value | Meaning |
---|---|
|
The client is being authenticated. |
|
The server is being authenticated. |
fdwChecks
DWORD value that specifies certificate errors to ignore. This can be a bitwise combination of the following flags.
Value | Meaning |
---|---|
|
Ignore errors associated with a revoked certificate. |
|
Ignore errors associated with an unknown certification authority. |
|
Ignore errors associated with the use of a certificate. |
|
Ignore errors associated with a certificate that contains a common name that is not valid. |
|
Ignore errors associated with an expired certificate. |
pwszServerName
A pointer to a null-terminated wide character string that contains the server name. This member is ignored if the value of the dwAuthType member is AUTHTYPE_CLIENT.
If the string is Punycode encoded, then the server name from the certificate, either the DNS name or common name, is converted to a Punycode encoded string. Matching is then performed, label-by-label if the name contains wildcards, or a case-insensitive exact match otherwise.
If the string contains Unicode characters outside of the ASCII character set and the subject name, either the DNS name or common name, is a Punycode encoded string then it is Punycode encoded before comparison.
Requirements
Requirement | Value |
---|---|
Minimum supported client | Windows XP [desktop apps only] |
Minimum supported server | Windows Server 2003 [desktop apps only] |
Header | wincrypt.h |