Click or drag to resize

X509CAVersionExtension Class

Represents CA Version extension that describes the CA certificate and CA private key index used in CA certificate and when signing CRLs.
Inheritance Hierarchy

Namespace:  System.Security.Cryptography.X509Certificates
Assembly:  SysadminsLV.PKI (in SysadminsLV.PKI.dll) Version: (
public sealed class X509CAVersionExtension : X509Extension

The X509CAVersionExtension type exposes the following members.

Public methodX509CAVersionExtension(AsnEncodedData, Boolean)
Initializes a new instance of X509CAVersionExtension from ASN.1-encoded byte array.
Public methodX509CAVersionExtension(UInt16, UInt16, Boolean)
Initializes a new instance of X509CAVersionExtension from CA certificate version and CA private key version.
Public propertyCACertificateVersion
Gets a zero-based CA certificate version.
Public propertyCAKeyVersion
Gets a zero-based CA private key version.
Public propertyCritical
Gets a Boolean value indicating whether the extension is critical.
(Inherited from X509Extension.)
Public propertyOid
Gets or sets the Oid value for an AsnEncodedData object.
(Inherited from AsnEncodedData.)
Public propertyRawData
Gets or sets the Abstract Syntax Notation One (ASN.1)-encoded data represented in a byte array.
(Inherited from AsnEncodedData.)
Public methodCopyFrom
Copies the extension properties of the specified AsnEncodedData object.
(Inherited from X509Extension.)
Public methodEquals
Determines whether the specified object is equal to the current object.
(Inherited from Object.)
Public methodFormat
Returns a formatted version of the Abstract Syntax Notation One (ASN.1)-encoded data as a string.
(Inherited from AsnEncodedData.)
Public methodGetHashCode
Serves as the default hash function.
(Inherited from Object.)
Public methodGetType
Gets the Type of the current instance.
(Inherited from Object.)
Public methodToString
Returns a string that represents the current object.
(Inherited from Object.)
Extension Methods
Public Extension MethodEncode
Encodes current extension to ASN.1-encoded byte array.
(Defined by X509ExtensionExtensions.)
Active Directory Certificate Services supports the renewal of a certification authority (CA). Renewal is the issuing of a new certificate for the CA to extend the CA's life beyond the end date of its original certificate.

Each renewal results in a new CA certificate; however, the administrator can either generate a new public/private key pair or reuse the existing public/private key pair for the CA certificate. For consistency and integrity, CA certificates and certificate revocation lists(CRL) issued by the CA before its renewal will be available after the CA has been renewed. To make these available, Certificate Services maintains an index of CA certificates, CRLs, and keys.

When CA server is installed, initial key pair is used and both have zero index. Each time CA certificate is renewed (regardless whether the key pair is changed or not), CA certificate index is incremented sequentially by one. CA private key index is changed only when new key pair is generated during CA certificate renewal and is updated to match CA certificate index.

See Also