Share via


IKEEXT_CERT_ROOT_CONFIG0 (Compact 2013)

3/26/2014

This structure stores the IKE certificate root configuration.

Syntax

typedef struct IKEEXT_CERT_ROOT_CONFIG0_ {
  FWP_BYTE_BLOB certData;
  UINT32 flags;
} IKEEXT_CERT_ROOT_CONFIG0;

Members

  • certData
    X509/ASN.1 encoded name of the certificate root.

    See topic FWP_BYTE_BLOB for more information.

  • flags
    A combination of the values described in the Remarks section below.

Remarks

The flags data member can be a combination of the following values:

IKE/AuthIP certificate flag

Meaning

IKEEXT_CERT_FLAG_ENABLE_ACCOUNT_MAPPING

Enable certificate to account mapping for this root.

IKEEXT_CERT_FLAG_DISABLE_REQUEST_PAYLOAD

Do not send a Cert request payload for this root.

IKEEXT_CERT_FLAG_USE_NAP_CERTIFICATE

Enable Network Access Protection (NAP) certificate handling.

IKEEXT_CERT_FLAG_INTERMEDIATE_CA

The corresponding Certification Authority (CA) could be an intermediate CA and need not be a ROOT CA.

If this flag is not specified, the name will have to refer to a ROOT CA.

Requirements

Header

fwpmu.h

See Also

Reference

WFP IKE Structures

Other Resources

Windows Filtering Platform