NPKIGetServerInfo
Opens a connection to the specified server and sends
a PKI ping NCP to determine supported values for the server (formerly
NWPKIGetServerInfo).
Syntax
#include "npki.h"
NWRCODE NPKIGetServerInfo(
const NPKIContext context,
const unicode *serverDN,
const nuint32 flags,
pnuint32 keyGenerationAlgorithms,
pnuint32 signingAlgorithms,
pnuint32 maxValidFromTime,
pnuint32 maxValidToTime,
pnuint32 caOperational,
pnuint32 pathLength,
pnuint32 reserved1,
pnuint32 serverVersion,
void *reserved2);
Parameters
- context
- (IN) Specifies the NPKI context for the request.
- serverDN
- (IN) Specifies the FDN of the server for which you
want to get information. This must be a valid eDirectory server
in the current tree.
- flags
- (IN) Specifies what information the ping requests.
The following flags are defined:
- PKI_CA_INFO—Retrieves
information for creating or using a CA object.
- PKI_SERVER_INFO—Retrieves information
for creating a server certificate.
- PKI_USER_INFO—Retrieves information
for creating a user certificate.
- keyGenerationAlgorithms
- (OUT) Returns a bit mask that indicates which key
generation algorithms are available on the server.
You can call NPKIGetAlgorithmInfo for each of the algorithms, passing
the key generation algorithm as an argument, to determine the maximum
key size supported for key generation.
- signingAlgorithms
- (OUT) Returns a bit mask that indicates which signing
algorithms are available on the server.
- maxValidFromTime
- (OUT) Returns the maximum starting validity period
represented as the number of seconds since 00:00:00 UTC January
1, 1970. This time can be different depending on which flag is passed
in the flag field. If the CA is installed and operational on the
server specified in the call to NPKIGetServerInfo, this returns the time corresponding
to the CA. See Remarks.
- maxValidToTime
- (OUT) Returns the maximum ending validity period
represented as the number of seconds since 00:00:00 UTC January
1, 1970. This time can be different depending on which flag is passed
in the flag field. If the CA is installed and operational on the
server specified in the call to NPKIGetServerInfo, this returns the time corresponding
to the CA. See Remarks.
- caOperational
- (OUT) Returns a bit mask that indicates whether
a CA is installed and operational on the server specified in the
call to NPKIGetServerInfo. The
current possible bit values are as follows:
- PKI_NO_CA_PRESENT—The
server does not host a CA.
- PKI_TREE_CA_PRESENT—The
server hosts the organizational CA.
- pathLength
- (OUT) Returns the path length of the certificate
authority certificates. For more information, see Section 4.1, Basic Constraints
Extension.
NOTE: This parameter is valid only when the flags field is set to
PKI_CA_INFO.
- reserved1
- Reserved for future use.
- serverVersion
- (OUT) Returns the version of the PKI.NLM, PKI.DLM
or PKI.SO running on the server specified by the serverDN parameter.
- reserved2
- Reserved for future use.
Return Values
Returns 0 if successful, or an eDirectory, NICI, or PKI error
code if not successful.
PKI NCP Calls
0x2222 93 01 PKI Ping
Remarks
The flags parameter determines the set
of information to acquire. The information returned from the ping
is stored in context-specific data values. You can call NPKIGetAlgorithmInfo to get the supported
key generation algorithm key sizes.
When creating server certificates, you must call NPKIGetServerInfo on both the server creating
the key pair and the server hosting the CA. Use the greater of the two maxValidFromTime values and
the lesser of the two maxValidToTime values.
If the key pair server and the CA server are the same, you
only need to call NPKIGetServerInfo once.
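The following is an added example, not code from the Novell documentation or its GetServerInfo sample: it combines the maxValidFromTime and maxValidToTime values returned for the key pair server and the CA server as described above, and rejects the case where the two servers share no validity window. The validity_limits struct, both function names, and the sample values are hypothetical, and uint32_t stands in for nuint32.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical holder for the two validity outputs of one NPKIGetServerInfo
   call; uint32_t stands in for nuint32. Seconds since 1970-01-01 UTC. */
typedef struct {
    uint32_t maxValidFromTime;
    uint32_t maxValidToTime;
} validity_limits;

/* Combine both servers' limits as the Remarks describe: greater
   maxValidFromTime, lesser maxValidToTime. Pass the same pointer twice when
   one server fills both roles. Returns -1 (out untouched) if no window. */
int combine_limits(const validity_limits *keyServer,
                   const validity_limits *caServer, validity_limits *out)
{
    uint32_t from = keyServer->maxValidFromTime > caServer->maxValidFromTime
                        ? keyServer->maxValidFromTime : caServer->maxValidFromTime;
    uint32_t to = keyServer->maxValidToTime < caServer->maxValidToTime
                      ? keyServer->maxValidToTime : caServer->maxValidToTime;
    if (from >= to)
        return -1;
    out->maxValidFromTime = from;
    out->maxValidToTime = to;
    return 0;
}

/* Assumption: the combined values bound the usable period, so a requested
   validity is pulled inside them. Returns -1 if nothing remains. */
int clamp_request(const validity_limits *w, uint32_t *validFrom, uint32_t *validTo)
{
    if (*validFrom < w->maxValidFromTime) *validFrom = w->maxValidFromTime;
    if (*validTo > w->maxValidToTime) *validTo = w->maxValidToTime;
    return (*validFrom < *validTo) ? 0 : -1;
}

int main(void)
{
    /* Constructed sample values, not output from a real server. */
    validity_limits keyServer = { 1700000000u, 2000000000u };
    validity_limits caServer  = { 1710000000u, 1900000000u };
    validity_limits window;
    uint32_t from = 1705000000u, to = 1950000000u;
    if (combine_limits(&keyServer, &caServer, &window) != 0 ||
        clamp_request(&window, &from, &to) != 0)
        return 1;
    printf("validFrom=%u validTo=%u\n", (unsigned)from, (unsigned)to);
    return 0;
}
```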
For sample code, see GetServerInfo.