.png)
CertCheckMode Metabase Property
업데이트 날짜: 2005년 8월
적용 대상: Windows Server 2003, Windows Server 2003 with SP1
The CertCheckMode Metabase Property enables or disables Certificate Revocation List (CRL) checking. CertCheckMode is set to 0 by default (CertCheckMode=0), which means that IIS by default searches for an updated CRL.
This metabase property is closely related to the RevocationFreshnessTime Metabase Property and the RevocationURLRetrievalTimeout Metabase Property.
| Attribute Name | Attribute Value |
|---|---|
|
XML Data Type |
DWORD |
|
WMI Data Type |
SINT32 |
|
ADSI Data Type |
DWORD |
|
ABO Data Type |
DWORD |
|
ABO Metabase Identifier |
MD_CERT_CHECK_MODE |
|
Attributes |
INHERIT |
|
Default Value |
0 |
|
MetaFlagsEx |
CACHE_PROPERTY_MODIFIED |
|
User Type |
IIS_MD_UT_SERVER |
|
ID |
2160 |
Configurable Locations
You can configure this property at the following locations in the IIS metabase.
| Metabase Path | IIS Admin Object Type |
|---|---|
|
/LM/W3SVC/n |
IIsWebServer |
|
/LM/W3SVC |
IIsWebService |
Values
| Constant | Value | Description |
|---|---|---|
|
MD_CERT_NO_REVOC_CHECK |
0x00000001 |
Certificate revocation checking is not performed. |
|
MD_CERT_CACHE_RETRIEVAL_ONLY |
0x00000002 |
During certificate revocation verification, the CRL will not be updated from a remote location, such as a CRL at an external URL. In this case, the CRL that is cached on the client is used. If the CRL is expired, the certificate revocation verification fails. |
|
MD_CERT_CHECK_REVOCATION_FRESHNESS_TIME |
0x00000004 |
The client CRL is replaced by the CRL at a remote location, even if the CRL that is cached on the client is valid. The value of the RevocationFreshnessTime Metabase Property determines the frequency of this action. |
|
MD_CERT_NO_USAGE_CHECK |
0x00010000 |
The certificate provided by the client is not verified as valid. |
 중요 |
|---|
| The MD_CERT_NO_REVOC_CHECK, MD_CERT_CACHE_RETRIEVAL_ONLY, and MD_CERT_CHECK_REVOCATION_FRESHNESS_TIME flags are mutually exclusive. |
Code Example
For general code examples, see Code Examples to Configure Metabase Properties.
Related Topics
-
For more information about using SSL and certificates with IIS 6.0, see Encryption in IIS 6.0.
-
For more information about certificate revocation and CRLs, see Revoking Certificates and Publishing CRLs in Windows Server 2003 documentation.
