Parameters

dascli certinfo file_name [chain_flags] [certificate_store] [control_flags]

file_name

Full path and name for the file, or full path and directory name.

chain_flags

Hexadecimal value of the chosen chain flags used together by using the OR operator.

The default is: CERT_CHAIN_CACHE_END_CERT | CERT_CHAIN_REVOCATION_ACCUMULATIVE_TIMEOUT | CERT_CHAIN_REVOCATION_CHECK_CHAIN. 0x28000001.

If certificate store is entered, this parameter must have a value.

Optional values are:

Hexadecimal	Chain Flag
0x00000001	CERT_CHAIN_CACHE_END_CERT
0x00000002	CERT_CHAIN_THREAD_STORE_SYNC
0x00000004	CERT_CHAIN_CACHE_ONLY_URL_RETRIEVAL
0x00000008	CERT_CHAIN_USE_LOCAL_MACHINE_STORE
0x00000010	CERT_CHAIN_ENABLE_CACHE_AUTO_UPDATE
0x00000020	CERT_CHAIN_ENABLE_SHARE_STORE
0x04000000	CERT_CHAIN_REVOCATION_CHECK_OCSP_CERT
0x08000000	CERT_CHAIN_REVOCATION_ACCUMULATIVE_TIMEOUT
0x10000000	CERT_CHAIN_REVOCATION_CHECK_END_CERT
0x20000000	CERT_CHAIN_REVOCATION_CHECK_CHAIN
0x40000000	CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT
0x80000000	CERT_CHAIN_REVOCATION_CHECK_CACHE_ONLY

certificate_store

Certificate store used when the certificate is validated by the agent.

If “user”, then HCCE_CURRENT_USER, otherwise HCCE_LOCAL_MACHINE. If control flags are entered, this parameter must have a value.

control_flags

Hexadecimal value of the chosen flags used together by using the OR operator. These are internal control flags that can vary, and that normally are not specified.

Hexadecimal	Control Flag
0x0001	CertControlFlagSkipCertificateValidation
0x0002	CertControlFlagSkipFileValidation
0x0004	CertControlFlagIgnoreExpiration
0x0008	CertControlFlagHashCheckOnly
0x0010	CertControlFlagCheckForDetachedSignature
0x0080	CertControlFlagCollectCertificateChain
0x0100	CertControlFlagDontCheckForMicrosoft
0x0200	CertControlFlagCollectCountersignerChain