NdesPolicyBase.OnNotify Method

Notifies the plug-in of the transaction status of the SCEP certificate request. This method can be used to remove the challenge password from the cache on successful issuance, which protects against SCEP challenge password replay attacks.

Definition

Namespace: ADCS.CertMod.Managed.NDES
Assembly: ADCS.CertMod.Managed (in ADCS.CertMod.Managed.dll) Version: 3.0.0+d2bb03ea44678b01baee06872c78fd0a30d7e09e
C#
protected virtual void OnNotify(
	string? challenge,
	string transactionID,
	SCEPDisposition disposition,
	int lastHResult,
	X509Certificate2? issuedCertificate
)

Parameters

challenge  String
The authentication and authorization SCEP challenge password for the user.
transactionID  String
The SCEP request transaction ID.
disposition  SCEPDisposition
The disposition of the transaction.
lastHResult  Int32
The HRESULT of the last operation.
issuedCertificate  X509Certificate2
The requested certificate, if issued.

Remarks

This method provides a default implementation that calls ReleaseChallenge(String).

Note: the challenge password is included in initial requests only. Renewal requests do not contain a challenge password.
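
The replay protection described above, as an added stand-alone sketch that is not code from ADCS.CertMod.Managed: a one-time challenge cache whose Notify method mirrors the shape of OnNotify. All type and member names (OneTimeChallengeCache, Outcome, Notify, Release) are hypothetical, and releasing only on success is this example's assumption, following the "on successful issuance" wording.

```csharp
using System;
using System.Collections.Concurrent;
using System.Security.Cryptography;
using System.Text;

// Added illustration; every name below is hypothetical, not the library's API.
enum Outcome { Success, Failure, Pending }   // stand-in for SCEPDisposition

sealed class OneTimeChallengeCache {
    // Keyed by SHA-256 of the challenge so plaintext passwords are not stored as keys.
    readonly ConcurrentDictionary<string, DateTimeOffset> _live = new();

    static string Key(string challenge) =>
        Convert.ToHexString(SHA256.HashData(Encoding.UTF8.GetBytes(challenge)));

    public void Add(string challenge, TimeSpan lifetime) =>
        _live[Key(challenge)] = DateTimeOffset.UtcNow + lifetime;

    // Request-time check: the challenge must be cached and unexpired.
    public bool IsValid(string? challenge) =>
        challenge is not null
        && _live.TryGetValue(Key(challenge), out var expires)
        && expires > DateTimeOffset.UtcNow;

    // Plays the role of ReleaseChallenge(String): forget the challenge.
    public bool Release(string challenge) => _live.TryRemove(Key(challenge), out _);

    // Same inputs a notification hook receives, reduced to what the cache needs.
    public void Notify(string? challenge, string transactionID, Outcome outcome) {
        if (challenge is null) return;            // renewal request: nothing to release
        if (outcome != Outcome.Success) return;   // not issued: client may still retry
        Release(challenge);                       // issued: a replayed challenge now fails
    }
}

static class Demo {
    static void Main() {
        var cache = new OneTimeChallengeCache();
        const string pw = "constructed-sample-challenge";   // constructed sample value
        cache.Add(pw, TimeSpan.FromMinutes(60));

        Console.WriteLine($"before issuance: {cache.IsValid(pw)}");
        cache.Notify(pw, "tx-1", Outcome.Failure);
        Console.WriteLine($"after failed attempt: {cache.IsValid(pw)}");
        cache.Notify(pw, "tx-2", Outcome.Success);
        Console.WriteLine($"replay after issuance: {cache.IsValid(pw)}");
        cache.Notify(null, "tx-3", Outcome.Success);         // renewal path, no-op
    }
}
```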
