CertCheckMode

This metabase property is used to enable or disable Certificate Revocation List (CRL) checking. When CertCheckMode is set to greater than 0 (CertCheckMode>0), the CRL is not searched for certificates that have been revoked. When CertCheckMode is equal to 0 (CertCheckMode=0), the CRL will be searched for certificates that have been revoked.

Bitmask Values

Constant	Value	Description
MD_CERT_NO_REVOC_CHECK	0x00000001
MD_CERT_CACHE_RETRIEVAL_ONLY	0x00000002
MD_CERT_CHECK_REVOCATION_FRESHNESS_TIME	0x00000004
MD_CERT_NO_USAGE_CHECK	0x00010000

Important The MD_CERT_NO_REVOC_CHECK , MD_CERT_CACHE_RETRIEVAL_ONLY, and MD_CERT_CHECK_REVOCATION_FRESHNESS_TIME flags are mutually exclusive.

Access Locations

This property is accessible at the following locations:


Metabase Path	IIS Admin Object Type
/LM/W3SVC/2	IIsWebServer
/LM/W3SVC/Info/Templates/Public Web Site	IIsWebServer
/LM/W3SVC/Info/Templates/Secure Web Site	IIsWebServer
/LM/W3SVC	IIsWebService

IIS Admin Base Object Information

The following table lists additional information required only for code that uses the IIS Admin Base Object.


Attribute Name	Attribute Value
Data Type	DWORD
Attributes	INHERIT
Default Value	0
MetaFlagsEx	CACHE_PROPERTY_MODIFIED
User Type	IIS_MD_UT_SERVER
StartingNumber
EndingNumber	0
ID	2160


Metabase identifier	MD_CERT_CHECK_MODE
Data type	DWORD
User type	IIS_MD_UT_SERVER