@NoImplement public interface TlsRevocationCheckBuilder
Modifier and Type | Method and Description |
---|---|
TlsContextFactoryBuilder |
crlFile(String path)
Configures a revocation checking implementation based on a local CRL file.
|
TlsContextFactoryBuilder |
customOcsp(String url,
String certAlias)
Configures a revocation checking implementation based on a custom OCSP responder.
|
TlsContextFactoryBuilder |
standard(boolean onlyEndEntities,
boolean preferCrls,
boolean noFallback,
boolean softFail)
Configures a revocation checking mechanism based on standard CRLDP and OCSP extension points in the certificate.
|
TlsContextFactoryBuilder standard(boolean onlyEndEntities, boolean preferCrls, boolean noFallback, boolean softFail)
onlyEndEntities
- only verify last element of the certificate chain, false by defaultpreferCrls
- try CRL instead of OCSP first, false by defaultnoFallback
- do not use the secondary checking method (the one not selected before), false by defaultsoftFail
- avoid verification failure when the revocation server can not be reached or is busy, false by defaultTlsContextFactoryBuilder customOcsp(String url, String certAlias)
url
- the URL of the respondercertAlias
- alias of the signing certificate for the OCSP response (must be in the trust store), or null if not presentTlsContextFactoryBuilder crlFile(String path)
path
- the path to the CRL fileCopyright © 2018. All rights reserved.