X509CertStoreGetRegisteredCert2 (FUN)ΒΆ

FUNCTION X509CertStoreGetRegisteredCert2 : RTS_IEC_HANDLE

Get the certificate available for a registered use case valid at a specific time. If not certificate is available RTS_INVALID_HANDLE will be returned. The following rules apply for selecting the certificate:

  • Check if a certificate is configured by the user. (The thumb-print is pinned for component and index). Use this one if available, return error if not available.

  • If no certificate is configured filter the available certificates by subject, key usage, extended key usage and a valid timestamp. Return error if list is empty.

  • Split the available certificates by signed and self signed certificates. Prefer the signed certificates over the self signed certificates:

  • Select the certificate with the longest period of validity.

  • If some certificates have the same period of validity select the one with the strongest key.

InOut:

Scope

Name

Type

Comment

Return

X509CertStoreGetRegisteredCert2

RTS_IEC_HANDLE

Handle to the certificate. Use X509CertClose to close the certificate.

Input

hCertStore

RTS_IEC_HANDLE

IN: Handle of to certificate store.

hUseCase

RTS_IEC_HANDLE

IN: Handle to the registered use case. Retrieved using X509CertStoreRegister.

pcCompareTime

POINTER TO ULINT

IN: Number of milliseconds (not counting leap milliseconds) since 00:00, Jan 1 1970 UTC, like from SysTimeRtcHighResGet(). If pcCompareTime is NULL, the current time is used.

pResult

POINTER TO RTS_IEC_RESULT

OUT: Pointer to error code