
Build the certificate chains from the storage

A certificate chain is a sequence of certificates that starts with the end-entity certificate, followed by the certificate that was used to issue it, followed by the next issuer certificate, and so on until the root certificate is reached.
Some certificate chains are incomplete and include only the end-entity certificate and its issuer certificate. This happens when the rest of the chain is expected to be known to the recipient. For example, if Thawte certificates are included in the Windows certificate storage by default, there is no need to include them in every certificate chain where these certificates are used.

A CA certificate can be part of more than one chain.

The first way to build a chain or walk through the chains is to use the Chains property of the TElCustomCertStorage class. This property, together with the ChainCount property, gives you access to all certificate chains contained in the storage. ChainCount specifies the number of end-entity certificates accessible via the Chains property. The Chains property provides access to the end-entity certificates that start each chain: it returns the index of the certificate, and you can retrieve the certificate itself using the Certificates property. Once you have the end-entity certificate, call the GetIssuerCertificate() method to find the CA certificate for the certificate you pass. The method returns the index of the issuer certificate in the Certificates property, or -1 if the issuer certificate could not be found.
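The walk described above, as an added Python model; it is not SecureBlackbox code and does not call its API. The names `Cert`, `CertStorage`, `walk` and `report` are hypothetical, issuers are matched by name only (no signature check), and the sample certificates are constructed.

```python
# Model of an index-based chain walk; hypothetical names, not the SecureBlackbox API.
from collections import namedtuple

Cert = namedtuple("Cert", "subject issuer")  # self-signed when subject == issuer

class CertStorage:
    """Toy certificate storage; issuers are matched by name only (assumption)."""
    def __init__(self, certificates):
        self.certificates = list(certificates)

    def get_issuer_certificate(self, cert):
        """Index of the issuer of cert, or -1 if it is not in the storage."""
        for i, candidate in enumerate(self.certificates):
            if candidate.subject == cert.issuer:
                return i
        return -1

    def chains(self):
        """Indexes of end-entity certificates: those that issued nothing here."""
        issuers = {c.issuer for c in self.certificates if c.subject != c.issuer}
        return [i for i, c in enumerate(self.certificates) if c.subject not in issuers]

    def walk(self, start):
        """Return (indexes from the end-entity certificate upward, complete?)."""
        path, idx = [], start
        while idx != -1 and idx not in path:    # 'not in path' stops issuer loops
            path.append(idx)
            cert = self.certificates[idx]
            if cert.subject == cert.issuer:
                return path, True               # reached a self-signed root
            idx = self.get_issuer_certificate(cert)
        return path, False                      # issuer missing or loop: incomplete

# Constructed sample data: two end-entity certificates share one CA, and a
# third certificate's issuer is absent from the storage (incomplete chain).
STORE = CertStorage([
    Cert("Root CA", "Root CA"),
    Cert("Issuing CA", "Root CA"),
    Cert("www.example.test", "Issuing CA"),
    Cert("mail.example.test", "Issuing CA"),
    Cert("vpn.example.test", "External CA"),
])

def report(store):
    return {store.certificates[i].subject: store.walk(i) for i in store.chains()}

if __name__ == "__main__":
    print(report(STORE))
```

A chain reported as incomplete has to be finished from a storage the recipient already trusts before it can be validated; the -1 result only says the issuer is not in this storage.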

The second way also involves the ChainCount property. Call the BuildChain() method of TElCustomCertStorage and pass the index of the desired chain. This method returns an instance of the TElX509CertificateChain class, which contains and owns the certificates that make up the chain.
You can use the chain as needed and dispose of the object afterwards. The TElX509CertificateChain class itself disposes of the certificates it contains.

For more information about TElX509CertificateChain see the corresponding how-to article.

 
Copyright (c) 1998-2012, EldoS Corporation