| Platform SDK: Logon Authentication |
The SECPKG_ATTR_ISSUER_LIST_EX structure returns the list of credentials that are acceptable to the server as an array of CryptoAPI CERT_NAME_BLOB structures.
When a protocol that does not support this functionality is used, this attribute returns an empty list.
SecPkgContext_IssuerListInfoEx IssuerListInfo;
SECURITY_STATUS scRet;
//--------------------------------------------------------------------
// Get list of trusted CAs.
Status = g_SecurityFunc.QueryContextAttributes(
phContext,
SECPKG_ATTR_ISSUER_LIST_EX,
(PVOID)&IssuerListInfo);
if(FAILED(Status))
{
printf("Error 0x%x querying issuer list info\n", Status);
return FALSE;
}
//--------------------------------------------------------------------
// Find client certificate issued by one of these CAs.
//--------------------------------------------------------------------
// Free the issuer list memory.
g_SecurityFunc.FreeContextBuffer(IssuerListInfo.aIssuers);