Check CA Certificate Trust (QycdCheckCACertTrust) API
Required Parameter Group:
| 1 | Application ID | Output | Char(*) |
| 2 | Length of application ID | Input | Binary(4) |
| 3 | Number of CA certificate labels | Input | Binary(4) |
| 4 | CA certificate labels | Input | Char(*) |
| 5 | Return indicator | Output | Char(1) |
| 6 | Error code | I/O | Char(*) |
Service Program: QICSS/QYCDCUSG
Default Public Authority: *USE
Threadsafe: Yes
The Check CA Certificate Trust (QycdCheckCACertTrust) API will verify that the certificate authority (CA) certificates, identified by the list of labels, are trusted by the application. If the application is managing its own list of trusted CA certificates, or does not support client authentication, then this API will not verify the list of CA certificates, and will return the appropriate return indicator.
Authorities and Locks
Required Parameter Group
- Application ID
- INPUT; CHAR(*)
The ID of the application that the trusted CA certificate is assigned to.
- Length of application ID
- INPUT; BINARY(4)
The length of the specified application ID. The length must be a value from 1 to 100.
- Number of CA certificate labels
- INPUT; BINARY(4)
The number of CA certificate labels in the list.
- CA certificate labels
- INPUT; CHAR(*)
The list of CA certificate labels.
Each entry in the list must be in the following format:
CA certificate label CHAR(*) A pointer to the CA certificate label. The CA certificate label is a NULL terminated string. Length of the CA certificate label BINARY(4) The length of the CA certificate label, not including the NULL terminator. - Return indicator
- OUTPUT; CHAR(1)
Whether or not all of the CA certificates identified in the list of labels are trusted by the application.
The possible values are:
0 All of the CA certificates are trusted by the application. 1 The list of CA certificates was not verified because the application trusts all of the CA certificates in the *SYSTEM certificate store or is a server application that does not support client authentication. 2 One of the CA certificates is not trusted by the application. - Error code
- I/O; CHAR(*)
The structure in which to return error information. For the format of the structure, see Error Code Parameter.
Error Messages
| Message ID | Error Message Text |
|---|---|
| CPFA0AA E | Error occurred while attempting to obtain space. |
| CPF220E E | Application &1 not registered. |
| CPF2225 E | Not able to allocate internal system object. |
| CPF3C3C E | Value for parameter &1 not valid. |
| CPF3C90 E | Literal value cannot be changed. |
| CPF3CD9 E | Requested function cannot be performed at this time. |
| CPF3CDA E | Registration facility repository not available for use. |
| CPF3CF1 E | Error code parameter not valid. |
| CPF3CF2 E | Error(s) occurred during running of &1 API. |
| CPF8100 E | All CPF81xx messages could be returned. xx is from 01 to FF. |
| CPF9803 E | Cannot allocate object &2 in library &3. |
| CPF9804 E | Object &2 in library &3 damaged. |
| CPF9810 E | Library &1 not found. |
| CPF9811 E | Program &1 in library &2 not found. |
| CPF9872 E | Program or service program &1 in library &2 ended. Reason code &3. |
API introduced: IBM® i 7.4
| Top | Security APIs | APIs by category |