@NoImplement public interface TlsRevocationCheckBuilder
| Modifier and Type | Method and Description |
|---|---|
TlsContextFactoryBuilder |
crlFile(String path)
Configures a revocation checking implementation based on a local CRL file.
|
TlsContextFactoryBuilder |
customOcsp(String url,
String certAlias)
Configures a revocation checking implementation based on a custom OCSP responder.
|
TlsContextFactoryBuilder |
standard(boolean onlyEndEntities,
boolean preferCrls,
boolean noFallback,
boolean softFail)
Configures a revocation checking mechanism based on standard CRLDP and OCSP extension points in the certificate.
|
TlsContextFactoryBuilder standard(boolean onlyEndEntities, boolean preferCrls, boolean noFallback, boolean softFail)
onlyEndEntities - only verify last element of the certificate chain, false by defaultpreferCrls - try CRL instead of OCSP first, false by defaultnoFallback - do not use the secondary checking method (the one not selected before), false by defaultsoftFail - avoid verification failure when the revocation server can not be reached or is busy, false by defaultTlsContextFactoryBuilder customOcsp(String url, String certAlias)
url - the URL of the respondercertAlias - alias of the signing certificate for the OCSP response (must be in the trust store), or null if not presentTlsContextFactoryBuilder crlFile(String path)
path - the path to the CRL fileCopyright © 2018. All rights reserved.