NPKIGetCACertificates
Reads the CA certificates for objectDN and
stores them in context specific values (formerly NWPKIGetCACertificates).
Syntax
#include "npki.h"
NWRCODE NPKIGetCACertificates(
const NPKIContext context,
const unicode *objectDN,
const nuint32 flags,
pnuint32 objectCertSize,
nuint8 const **objectCert,
pnuint32 selfSignedCertSize,
nuint8 const **selfSignedCert,
pnuint32 numberOfChainCerts,
pnuint32 rootCertIndex,
void *reserved1,
void *reserved2);
Parameters
- context
- (IN) Specifies the NPKI context for the request.
- objectDN
- (IN) Specifies the FDN of the object whose CA certificates
you want. objectDN must be a valid CA object in
the current tree.
- flags
- (IN) Specifies which certificates are read and stored.
The following flags are currently defined:
- PKI_CHAIN_CERTIFICATE—Retrieves
the certificate chain (that is, the chain rooted in the Novell Certifier
CA). Only software that natively understands and processes the Novell
Security Attributes Extension should use this chain.
- PKI_TRUSTED_ROOT_CERTIFICATE—Retrieves
the trusted root certificate. Only software that natively understands
and processes the Novell Security Attributes Extension should use
this certificate.
- PKI_SELF_SIGNED_CERTIFICATE—Retrieves
the self-signed certificate.
NOTE:Most applications should use this certificate.
- PKI_OBJECT_KEY_CERTIFICATE—Retrieves
the object certificate (that is, the certificate for the specified
object). Only software that natively understands and processes the
Novell Security Attributes Extension should use this certificate.
PKI_OBJECT_KEY_CERTIFICATE can
be combined with any of the other flags, but none of the other flags
can be used together at one time. Also, NPKIGetServerCertificates and NPKIGetCACertificates use the same internal variables to
store results, so calling either of these functions destroys the
result of the previous call.
- objectCertSize
- (OUT) Returns the size of the object certificate.
- objectCert
- (OUT) Returns to the DER encoder X.509 object certificate.
- selfSignedCertSize
- (OUT) Returns the size of the self-signed certificate.
- selfSignedCert
- (OUT) Returns to the DER-encoded X.509 self-signed
certificate.
- numberOfChainCerts
- (OUT) Returns the number of certificates in the
certificate chain. You can call NPKIChainCertInfo to retrieve the certificates in the
certificate chain.
- rootCertIndex
- (OUT) Returns which certificate in the certificate
chain is marked as the root certificate.
- reserved1
- Reserved for future use.
- reserved2
- Reserved for future use.
Return Values
Returns 0 if successful, or an eDirectory, PKI, or NetWare®
error code if not successful.
PKI NCP Calls
0x2222 93 05 PKI Get Certificate
Remarks
The flags field determines which certificates are read. For
sample code, see GetCACert.