To properly verify a certificate, the entire certificate chain needs to be verified. The NPKIAPI libraries provide the capability to store CA certificates (that is, trusted roots) within eDirectory in a trusted root container. Use NPKIVerifyCertificateWithTrustedRoots to have the NPKIAPI libraries attempt to construct the entire certificate chain, using certificates found in the specified trusted root container, and to verify the resulting chain.
For a sample implementation of this task, see VerifyWithTrustedRoot.