<%@ CODEPAGE=65001 'UTF-8%>
<%' certcrl.crl - (CERT)srv web - return a (C)ertificate (R)evocation (L)ist
  ' Copyright (C) Microsoft Corporation, 1998 - 1999 %>
<!-- #include FILE=certdat.inc -->
<!-- #include FILE=certsrck.inc -->
<%  ' ########## BEGIN SERVER SIDE EXECUTION ##########

	'Process a Certificate Request

	Dim nResult, sCrl, sErrMsg, nEncoding, nCrlType
	On Error Resume Next

	' from \nt\public\sdk\inc\certcli.h
	Const CR_OUT_BASE64HEADER=&H00000000
	Const CR_OUT_BASE64=&H00000001
	Const CR_OUT_BINARY=&H00000002
	Const CR_OUT_CHAIN=&H00000100
	
	Const CR_PROP_BASECRL=17
	Const CR_PROP_DELTACRL=18
	Const PROPTYPE_BINARY=3

	'Stop 'debugging breakpoint
	
	' determine the requested encoding
	If "bin"=Request.QueryString("Enc") Then
		nEncoding=CR_OUT_BINARY
	Else '"b64"=Request.QueryString("Enc")
		nEncoding=CR_OUT_BASE64HEADER
	End If

	' determine the requested CRL type
	If "delta"=Request.QueryString("Type") Then
		nCrlType=CR_PROP_DELTACRL
	Else '"base"=Request.QueryString("Type")
		nCrlType=CR_PROP_BASECRL
	End If

	' create the object to do the request
	Set Session("ICertRequest")=Server.CreateObject("CertificateAuthority.Request")
	Set ICertRequest=Session("ICertRequest")

	Err.Clear 'make sure we catch the HRESULT and not some earlier error
	
	' get the crl
	sCrl=ICertRequest.GetCAProperty(sServerConfig, nCrlType, Request.QueryString("Renewal"), PROPTYPE_BINARY, nEncoding)
	nResult=Err.number
	sErrMsg=Err.Description

	If 0<>nResult Then
		'internal redirect - transfer control to error page
		Session("nResult")=nResult
		Session("sErrMsg")=sErrMsg
		Server.Transfer("certrser.asp")
	End If

	' Tell the client we are sending a CRL
	Response.ContentType="application/pkix-crl"

	' send the CRL to the client
	Response.Clear 'guarantee no extraneous bytes
	If CR_OUT_BINARY=nEncoding Then
		Response.BinaryWrite(sCrl)
	Else
		Response.Write(sCrl)
	End If
	
	' ########## END SERVER SIDE EXECUTION ##########
%>