| 1 | Update Certificate Authority (CA) trust exit information |
Input | Char(*) |
The Update Certificate Authority (CA) Trust exit program is called when a CA certificate is added to or removed from the list of trusted CA certificates for an application using Digital Certificate Manager (DCM).
When the trust status of a CA certificate for an application is changed, the user-written exit program associated with the registered application is called. The exit point supports an unlimited number of applications, but only one exit program for each application. (For information about registering an application that uses certificates, see the Register Application for Certificate Use QSYRGAP, QsyRegisterAppForCertUse) API.
Note: The Update Certificate Authority (CA) Trust exit program is not be called if the Limit CA certificates trusted indicator for the application is set to 0 (the application trusts all CA certificates that are trusted in the *SYSTEM certificate store) and the trust status for one of the CA certificates in the *SYSTEM certificate store is changed.
Note: The Update Certificate Authority (CA) Trust exit program ignores any return codes or error messages that are sent from the exit program.
Information needed by the exit program for notification of any CA certificate trust changes for the application. For details, see "Format of Update Certificate Authority (CA) Trust Exit Information".
The following table shows the structure of the update CA trust information for format CATR0100. For a description of the fields in this format, see "Field Descriptions".
| Offset | Type | Field | |
|---|---|---|---|
| Dec | Hex | ||
| 0 | 0 | CHAR(20) | Exit point name |
| 20 | 14 | CHAR(8) | Exit point format name |
| 28 | 1C | CHAR(100) | Application ID |
| 128 | 80 | CHAR(1) | Action |
| 129 | 81 | CHAR(1) | Trusted CA certificate ID type |
| 130 | 82 | CHAR(2) | Reserved |
| 132 | 84 | BINARY(4) | Offset to trusted CA certificate ID |
| 136 | 88 | BINARY(4) | Length of trusted CA certificate ID |
| CHAR(*) | Trusted CA certificate ID | ||
The action being performed on the trusted CA certificate. The possible values follow:
| 0 | The trusted CA certificate is being added to the list of trusted CA certificates for the application. |
| 1 | The trusted CA certificate is being removed from the list of trusted CA certificates for the application. |
Application ID. The ID of the application.
Trusted CA certificate ID. The ID for the trusted CA certificate being added or removed.
Trusted CA certificate ID type. The type of the trusted CA certificate ID. The possible value follows:
| 1 | The trusted CA certificate ID is the label for the certificate. |
Exit point format name. The format name for the Update Certificate Authority (CA) trust exit program. The possible format name is:
| CATR0100 | The format name that is used after a CA certificate is added or removed from the trust list for an application. |
Exit point name. The name of the exit point that calls the exit program.
Length of trusted CA certificate ID. The length of the trusted CA certificate ID.
Offset to trusted CA certificate ID. The offset to the start of the trusted CA certificate ID.
Reserved. An ignored field.
| Top | Security APIs | APIs by category |