NdesPolicyBase.OnVerifyRequest Method

Verifies the NDES certificate request for submission to the CA.

Definition

Namespace: ADCS.CertMod.Managed.NDES
Assembly: ADCS.CertMod.Managed (in ADCS.CertMod.Managed.dll) Version: 3.0.0+d2bb03ea44678b01baee06872c78fd0a30d7e09e
C#
protected abstract bool OnVerifyRequest(
	byte[]? pkcs10Request,
	X509Certificate2? signingCertificate,
	string template,
	string transactionID
)

Parameters

pkcs10Request  Byte[]
The encoded PKCS#10 request.
signingCertificate  X509Certificate2
The valid signing certificate for a renewal request. Set to null for an initial request.
template  String
The requested template, as determined by NDES.
transactionID  String
The SCEP request transaction ID.

Return Value

Boolean
true if the challenge is verified; otherwise false.

Remarks

Implementers shall authenticate the request by comparing the challenge password stored in the request attributes (Challenge Password: 1.2.840.113549.1.9.7) against the cache of issued and not yet consumed challenge passwords.

Note: the challenge password is included in initial requests only (when the signingCertificate parameter is null). Renewal requests do not contain a challenge password, thus it MUST NOT be checked.

Implementers MUST NOT remove the challenge password from the cache in this method override.
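
The following is an added example, not code from ADCS.CertMod.Managed, showing decision logic that an OnVerifyRequest override could delegate to under the rules above. ChallengeCache, Issue, Verify and Consume are hypothetical names; it assumes the caller has already decoded the Challenge Password attribute value from the PKCS#10 request, and that consumption happens in a separate step this page does not describe.

```csharp
using System;
using System.Collections.Concurrent;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;

// Hypothetical helper (not part of the library): tracks issued,
// not yet consumed SCEP challenge passwords.
public sealed class ChallengeCache
{
    // Keys are SHA-256 digests, so plaintext passwords are not kept in memory
    // and lookup timing does not depend on a matching password prefix.
    private readonly ConcurrentDictionary<string, byte> _pending =
        new ConcurrentDictionary<string, byte>();

    private static string Digest(string challenge)
    {
        using (var sha = SHA256.Create())
        {
            return BitConverter.ToString(
                sha.ComputeHash(Encoding.UTF8.GetBytes(challenge)));
        }
    }

    // Called when a challenge password is handed out to an enrollee.
    public void Issue(string challenge) => _pending[Digest(challenge)] = 0;

    // 'challenge' is the decoded value of attribute 1.2.840.113549.1.9.7,
    // or null when the request carries no such attribute (assumption:
    // decoding is done by the caller).
    public bool Verify(string challenge, X509Certificate2 signingCertificate)
    {
        // Renewal request: it contains no challenge password, so none is checked.
        if (signingCertificate != null) return true;

        // Initial request: a missing or empty challenge fails authentication.
        if (string.IsNullOrEmpty(challenge)) return false;

        // Read-only lookup: the entry stays in the cache after verification.
        return _pending.ContainsKey(Digest(challenge));
    }

    // Separate step (assumption): removal happens outside request verification.
    public bool Consume(string challenge) =>
        _pending.TryRemove(Digest(challenge), out _);
}
```

Because Verify never removes an entry, calling it twice with the same issued challenge returns true both times; only Consume invalidates it.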
