Name | Description |
---|
TimeNotValid | Specifies that the X509 chain is not valid due to an invalid time value, such as a value that indicates an expired certificate. |
TimeNotNested | Deprecated. Specifies that the CA (certificate authority) certificate and the issued certificate have validity periods that are not nested. For example, the CA cert can be valid from January 1 to December 1 and the issued certificate from January 2 to December 2, which would mean the validity periods are not nested. |
Revoked | Specifies that the X509 chain is invalid due to a revoked certificate. |
SignatureNotValid | Specifies that the X509 chain is invalid due to an invalid certificate signature. |
UsageNotValid | Specifies that the key usage is not valid. |
UntrustedRoot | The certificate or certificate chain is based on an untrusted root. |
RevocationStatusUnknown | The revocation status of the certificate or one of the certificates in the certificate chain is unknown. |
Cyclic | Specifies that the X509 chain could not be built. |
InvalidExtension | Specifies that the X509 chain is invalid due to an invalid extension. |
InvalidPolicyConstraints | Specifies that the X509 chain is invalid due to invalid policy constraints. |
InvalidBasicConstraints | Specifies that the X509 chain is invalid due to invalid basic constraints. |
InvalidNameConstraints | Specifies that the X509 chain is invalid due to invalid name constraints. |
NotSupportedNameConstraint | Specifies that the certificate does not have a supported name constraint or has a name constraint that is unsupported. |
NotDefinedNameConstraint | Specifies that the certificate has an undefined name constraint. |
NotPermittedNameConstraint | Specifies that the certificate has an impermissible name constraint. |
ExcludedNameConstraint | Specifies that the X509 chain is invalid because a certificate has excluded a name constraint. |
IncompleteChain | The X509 certificate chain is not compete. |
CtlTimeNotValid | Specifies that the certificate trust list (CTL) is not valid because of an invalid time value, such as one that indicates that the CTL has expired. |
CtlSignatureNotValid | Specifies that the certificate trust list (CTL) contains an invalid signature. |
CtlUsageNotValid | Specifies that the certificate trust list (CTL) is not valid for this use. |
OfflineRevocation | Specifies that the online certificate revocation list (CRL) the X509 chain relies on is currently offline. |
NoIssuanceChainPolicy | Specifies that there is no certificate policy extension in the certificate. This error would occur if a group policy has specified that all certificates must have a certificate policy. |
NotSupportedSignatureAlgorithm | Unsupported signature algorithm. |
UnknownError | Unknown error. |
PathTooLong | A path length constraint is violated. |
UnknownCriticalExtension | A certificate contains an unknown extension that is marked critical. |
InvalidChain | A parent of a given certificate in fact did not issue that child certificate. |
UnknownCa | A certificate chain could not be built to a trusted root authority. |
CnNotMatch | The certificate's CN name does not match the passed value. |
CaNotTrusted | A certification chain processed correctly, but one of the CA certificates
is not trusted by the policy provider. |
ExplicitDistrust | The certificate was explicitly marked as untrusted by the user. |
Malformed | A certificate is missing or has an empty value for an important field,
such as a subject or issuer name. |
HasMoreErrors | There might be more errors. |
WeakAlgorithm | The algorithm used in the certificate is not considered secure on this platform. |
NotTrusted | Certificate is not trusted. |