CertificatePath

A complex data type that represents the certificate path and information about the path's validation status and failure reason. CertificatePath variables are members of IdentityInformation variables.

For information about data that can be accessed using Xpath Expressions, see Data items.

Data items

The data items that CertificatePath variables contain.

certificateInformation

A list of CertificateInformation values that represents certificates used to verify the identity of the signer.

failureReason

A PathFailureReason value that represents PKI failure reasons. The following reasons are valid:

Invalid Name Constraints:
An error occurred because an invalid name constraint was used.

Invalid Basic Constraints:
An error occurred because an invalid basic constraint was used.

Missing Basic Constraints:
An error occurred because basic constraints are missing.

Invalid Policy Constraint:
An error occurred because invalid policy constraints exist.

Invalid Policy Mappings:
An error occurred because invalid policy mappings exist.

Unsupported Critical Extension:
An error occurred because unsupported critical extensions exist.

Invalid Key Usage:
An error occurred because an invalid key was used.

Path Length Constraint Not Satisfied:
An error occurred because the path length constraint was not valid.

Certificate Signature Does Not Match:
An error occurred because the certificate signature does not match.

Certificate Has Expired:
An error occurred because the certificate expired.

Unknown Reason:
An error occurred for an unknown reason.

Path Not Trusted:
An error occurred because the path is not trusted.

No Failure:
No error occurred.

IdenTrust Compliance Failed for Signing Certificate:
An error occurred because verification of the IdenTrust Compliance failed.

Revocation Checking of IdentTrust Certificates requires OCSP Request Signing Using an IdenTrust Credential:
An error occurred because IdenTrust OCSP compliance failed.

status

An IdentityStatus value that represents whether the signer of the certificate is trusted.

// Ethnio survey code removed