RESTful Edit Management Interface for Oracle WebLogic Server

Create A New Cert Revoc Ca

post

/management/weblogic/{version}/edit/securityConfiguration/certRevoc/certRevocCas

Add a new cert revoc ca to this collection.

Request

Supported Media Types

application/json

Path Parameters

version(required): string

The version of the WebLogic REST interface.

Header Parameters

X-Requested-By(required): string

The 'X-Requested-By' header is used to protect against Cross-Site Request Forgery (CSRF) attacks. The value is an arbitrary name such as 'MyClient'.

Must contain a populated cert revoc ca model.

Root Schema : Cert Revoc Ca

Type: object

Show Source

checkingDisabled: boolean

Default Value: false

For this CA, determines whether certificate revocation checking is disabled.
crlDpBackgroundDownloadEnabled: boolean

For this CA, determines whether the CRL Distribution Point background downloading, to automatically update the local CRL cache, is enabled.
crlDpDownloadTimeout: integer(int64)

Minimum Value: 1

Maximum Value: 300

For this CA, determines the overall timeout for the Distribution Point CRL download, expressed in seconds.
The valid range is 1 thru 300 seconds.
crlDpEnabled: boolean

For this CA, determines whether the CRL Distribution Point processing to update the local CRL cache is enabled.
crlDpUrl: string

Default Value: oracle.doceng.json.BetterJsonNull@778bdf42

For this CA, determines the CRL Distribution Point URL to use as failover or override for the URL found in the CRLDistributionPoints extension in the certificate.
crlDpUrlUsage: string

Default Value: FAILOVER

Allowed Values: [ "FAILOVER", "OVERRIDE" ]

For this CA, determines how getCrlDpUrl is used: as failover in case the URL in the certificate CRLDistributionPoints extension is invalid or not found, or as a value overriding the URL found in the certificate CRLDistributionPoints extension.
distinguishedName: string

Default Value: oracle.doceng.json.BetterJsonNull@24037ea

Determines the identity of this per-CA configuration using the distinguished name (defined in RFC 2253), which is used in certificates issued by the represented certificate authority.
For example:
"CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US"
This will be used to match this configuration to issued certificates requiring revocation checking.
dynamicallyCreated: boolean

Read Only: true

Default Value: false

Return whether the MBean was created dynamically or is persisted to config.xml
failOnUnknownRevocStatus: boolean

For this CA, determines whether certificate path checking should fail, if revocation status could not be determined.
id: integer(int64)

Read Only: true

Return the unique id of this MBean instance
methodOrder: string

Allowed Values: [ "OCSP", "CRL", "OCSP_THEN_CRL", "CRL_THEN_OCSP" ]

For this CA, determines the certificate revocation checking method order.
NOTE THAT omission of a specific method disables that method.
name: string
Read Only: true
The user-specified name of this MBean instance.
This name is included as one of the key properties in the MBean's javax.management.ObjectName
Name=user-specified-name
Constraints
- legal null
notes: string

Optional information that you can include to describe this configuration.
WebLogic Server saves this note in the domain's configuration file (config.xml) as XML PCDATA. All left angle brackets (<) are converted to the xml entity <. Carriage returns/line feeds are preserved.
Note: If you create or edit a note from the Administration Console, the Administration Console does not preserve carriage returns/line feeds.


            
            
            ocspNonceEnabled: 
            boolean
            
                
                
























For this CA, determines whether a nonce is sent with OCSP requests, to force a fresh (not pre-signed) response.




                
            
            
            
            
            ocspResponderCertIssuerName: 
            string
            
                
                


















Default Value: oracle.doceng.json.BetterJsonNull@4d121ab6







For this CA, determines the explicitly trusted OCSP responder certificate issuer name, when the attribute returned by getOcspResponderExplicitTrustMethod is "USE_ISSUER_SERIAL_NUMBER".
 The issuer name is formatted as a distinguished name per RFC 2253, for example "CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US".
 When getOcspResponderCertIssuerName returns a non-null value then the getOcspResponderCertSerialNumber must also be set.




                
            
            
            
            
            ocspResponderCertSerialNumber: 
            string
            
                
                


















Default Value: oracle.doceng.json.BetterJsonNull@4c14b1bd







For this CA, determines the explicitly trusted OCSP responder certificate serial number, when the attribute returned by getOcspResponderExplicitTrustMethod is "USE_ISSUER_SERIAL_NUMBER".
 The serial number is formatted as a hexidecimal string, with optional colon or space separators, for example "2A:FF:00".
 When getOcspResponderCertSerialNumber returns a non-null value then the getOcspResponderCertIssuerName must also be set.




                
            
            
            
            
            ocspResponderCertSubjectName: 
            string
            
                
                


















Default Value: oracle.doceng.json.BetterJsonNull@17ae4b7c







For this CA, determines the explicitly trusted OCSP responder certificate subject name, when the attribute returned by getOcspResponderExplicitTrustMethod is "USE_SUBJECT".
 The subject name is formatted as a distinguished name per RFC 2253, for example "CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US".
 In cases where the subject name alone is not sufficient to uniquely identify the certificate, then both the getOcspResponderCertIssuerName and getOcspResponderCertSerialNumber may be used instead.




                
            
            
            
            
            ocspResponderExplicitTrustMethod: 
            string
            
                
                


















Default Value: NONE



Allowed Values: [
    "NONE",
    "USE_SUBJECT",
    "USE_ISSUER_SERIAL_NUMBER"
]





For this CA, determines whether the OCSP Explicit Trust model is enabled and how the trusted certificate is specified.
The valid values:
"NONE"
Explicit Trust is disabled
"USE_SUBJECT"
Identify the trusted certificate using the subject DN specified in the attribute getOcspResponderCertSubjectName
"USE_ISSUER_SERIAL_NUMBER"
Identify the trusted certificate using the issuer DN and certificate serial number specified in the attributes getOcspResponderCertIssuerName and getOcspResponderCertSerialNumber, respectively.




                
            
            
            
            
            ocspResponderUrl: 
            string
            
                
                


















Default Value: oracle.doceng.json.BetterJsonNull@543e228c







For this CA, determines the OCSP responder URL to use as failover or override for the URL found in the certificate AIA. The usage is determined by getOcspResponderUrlUsage




                
            
            
            
            
            ocspResponderUrlUsage: 
            string
            
                
                


















Default Value: FAILOVER



Allowed Values: [
    "FAILOVER",
    "OVERRIDE"
]





For this CA, determines how getOcspResponderUrl is used: as failover in case the URL in the certificate AIA is invalid or not found, or as a value overriding the URL found in the certificate AIA.




                
            
            
            
            
            ocspResponseCacheEnabled: 
            boolean
            
                
                
























For this CA, determines whether the OCSP response local cache is enabled.




                
            
            
            
            
            ocspResponseTimeout: 
            integer(int64)
            
                
                




Minimum Value: 1





Maximum Value: 300

















For this CA, determines the timeout for the OCSP response, expressed in seconds.
 The valid range is 1 thru 300 seconds.




                
            
            
            
            
            ocspTimeTolerance: 
            integer(int32)
            
                
                




Minimum Value: 0





Maximum Value: 900

















For this CA, determines the time tolerance value for handling clock-skew differences between clients and responders, expressed in seconds.
 The validity period of the response is extended both into the future and into the past by the specified amount of time, effectively widening the validity interval.
 The value is >=0 and <=900. 15 the maximum allowed tolerance is minutes.< p>




                
            
            
            
            
            tags: 
            array  Items
            
            
                
                
Title: Items





















Return all tags on this Configuration MBean


                
            
            
            
            
            type: 
            string
            
                
                


Read Only: true























Returns the type of the MBean.
Constraints
unharvestable


        {
    "type":"object",
    "properties":{
        "checkingDisabled":{
            "default":false,
            "type":"boolean",
            "description":"<p>For this CA, determines whether certificate revocation checking is disabled.</p>"
        },
        "crlDpBackgroundDownloadEnabled":{
            "type":"boolean",
            "description":"<p>For this CA, determines whether the CRL Distribution Point background downloading, to automatically update the local CRL cache, is enabled.</p>"
        },
        "crlDpDownloadTimeout":{
            "minimum":"1",
            "maximum":"300",
            "type":"integer",
            "format":"int64",
            "description":"<p>For this CA, determines the overall timeout for the Distribution Point CRL download, expressed in seconds.</p><p> The valid range is 1 thru 300 seconds.</p>"
        },
        "crlDpEnabled":{
            "type":"boolean",
            "description":"<p>For this CA, determines whether the CRL Distribution Point processing to update the local CRL cache is enabled.</p>"
        },
        "crlDpUrl":{
            "default":null,
            "type":"string",
            "description":"<p>For this CA, determines the CRL Distribution Point URL to use as failover or override for the URL found in the CRLDistributionPoints extension in the certificate.</p>"
        },
        "crlDpUrlUsage":{
            "default":"FAILOVER",
            "enum":[
                "FAILOVER",
                "OVERRIDE"
            ],
            "type":"string",
            "description":"<p>For this CA, determines how <code>getCrlDpUrl</code> is used: as failover in case the URL in the certificate CRLDistributionPoints extension is invalid or not found, or as a value overriding the URL found in the certificate CRLDistributionPoints extension.</p>"
        },
        "distinguishedName":{
            "default":null,
            "type":"string",
            "description":"<p>Determines the identity of this per-CA configuration using the distinguished name (defined in RFC 2253), which is used in certificates issued by the represented certificate authority.</p><p>For example:</p><p><code>\"CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US\"</code></p><p>This will be used to match this configuration to issued certificates requiring revocation checking.</p>"
        },
        "dynamicallyCreated":{
            "readOnly":true,
            "default":false,
            "type":"boolean",
            "description":"<p>Return whether the MBean was created dynamically or is persisted to config.xml</p>"
        },
        "failOnUnknownRevocStatus":{
            "type":"boolean",
            "description":"<p>For this CA, determines whether certificate path checking should fail, if revocation status could not be determined.</p>"
        },
        "id":{
            "readOnly":true,
            "type":"integer",
            "format":"int64",
            "description":"<p>Return the unique id of this MBean instance</p>"
        },
        "methodOrder":{
            "enum":[
                "OCSP",
                "CRL",
                "OCSP_THEN_CRL",
                "CRL_THEN_OCSP"
            ],
            "type":"string",
            "description":"<p>For this CA, determines the certificate revocation checking method order.</p><p>NOTE THAT omission of a specific method disables that method.</p>"
        },
        "name":{
            "readOnly":true,
            "x-weblogic-legalNull":true,
            "type":"string",
            "description":"<p>The user-specified name of this MBean instance.</p><p>This name is included as one of the key properties in the MBean's <code>javax.management.ObjectName</code></p><p><code>Name=<i>user-specified-name</i></code></p><p><h5>Constraints</h5></p><ul><li>legal null</li></ul>"
        },
        "notes":{
            "type":"string",
            "description":"<p>Optional information that you can include to describe this configuration.</p><p>WebLogic Server saves this note in the domain's configuration file (<code>config.xml</code>) as XML PCDATA. All left angle brackets (<) are converted to the XML entity <code>&lt;</code>. Carriage returns/line feeds are preserved.</p><p>Note: If you create or edit a note from the Administration Console, the Administration Console does not preserve carriage returns/line feeds.</p>"
        },
        "ocspNonceEnabled":{
            "type":"boolean",
            "description":"<p>For this CA, determines whether a nonce is sent with OCSP requests, to force a fresh (not pre-signed) response.</p>"
        },
        "ocspResponderCertIssuerName":{
            "default":null,
            "type":"string",
            "description":"<p>For this CA, determines the explicitly trusted OCSP responder certificate issuer name, when the attribute returned by <code>getOcspResponderExplicitTrustMethod</code> is \"USE_ISSUER_SERIAL_NUMBER\".</p><p> The issuer name is formatted as a distinguished name per RFC 2253, for example \"CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US\".</p><p> When <code>getOcspResponderCertIssuerName</code> returns a non-null value then the <code>getOcspResponderCertSerialNumber</code> must also be set.</p>"
        },
        "ocspResponderCertSerialNumber":{
            "default":null,
            "type":"string",
            "description":"<p>For this CA, determines the explicitly trusted OCSP responder certificate serial number, when the attribute returned by <code>getOcspResponderExplicitTrustMethod</code> is \"USE_ISSUER_SERIAL_NUMBER\".</p><p> The serial number is formatted as a hexidecimal string, with optional colon or space separators, for example \"2A:FF:00\".</p><p> When <code>getOcspResponderCertSerialNumber</code> returns a non-null value then the <code>getOcspResponderCertIssuerName</code> must also be set.</p>"
        },
        "ocspResponderCertSubjectName":{
            "default":null,
            "type":"string",
            "description":"<p>For this CA, determines the explicitly trusted OCSP responder certificate subject name, when the attribute returned by <code>getOcspResponderExplicitTrustMethod</code> is \"USE_SUBJECT\".</p><p> The subject name is formatted as a distinguished name per RFC 2253, for example \"CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US\".</p><p> In cases where the subject name alone is not sufficient to uniquely identify the certificate, then both the <code>getOcspResponderCertIssuerName</code> and <code>getOcspResponderCertSerialNumber</code> may be used instead.</p>"
        },
        "ocspResponderExplicitTrustMethod":{
            "default":"NONE",
            "enum":[
                "NONE",
                "USE_SUBJECT",
                "USE_ISSUER_SERIAL_NUMBER"
            ],
            "type":"string",
            "description":"<p>For this CA, determines whether the OCSP Explicit Trust model is enabled and how the trusted certificate is specified.</p><p>The valid values:</p><dl><dt>\"NONE\"</dt><dd><p>Explicit Trust is disabled</p></dd><dt>\"USE_SUBJECT\"</dt><dd><p>Identify the trusted certificate using the subject DN specified in the attribute <code>getOcspResponderCertSubjectName</code></p></dd><dt>\"USE_ISSUER_SERIAL_NUMBER\"</dt><dd><p>Identify the trusted certificate using the issuer DN and certificate serial number specified in the attributes <code>getOcspResponderCertIssuerName</code> and <code>getOcspResponderCertSerialNumber</code>, respectively.</p></dd></dl>"
        },
        "ocspResponderUrl":{
            "default":null,
            "type":"string",
            "description":"<p>For this CA, determines the OCSP responder URL to use as failover or override for the URL found in the certificate AIA. The usage is determined by <code>getOcspResponderUrlUsage</code></p>"
        },
        "ocspResponderUrlUsage":{
            "default":"FAILOVER",
            "enum":[
                "FAILOVER",
                "OVERRIDE"
            ],
            "type":"string",
            "description":"<p>For this CA, determines how <code>getOcspResponderUrl</code> is used: as failover in case the URL in the certificate AIA is invalid or not found, or as a value overriding the URL found in the certificate AIA.</p>"
        },
        "ocspResponseCacheEnabled":{
            "type":"boolean",
            "description":"<p>For this CA, determines whether the OCSP response local cache is enabled.</p>"
        },
        "ocspResponseTimeout":{
            "minimum":"1",
            "maximum":"300",
            "type":"integer",
            "format":"int64",
            "description":"<p>For this CA, determines the timeout for the OCSP response, expressed in seconds.</p><p> The valid range is 1 thru 300 seconds.</p>"
        },
        "ocspTimeTolerance":{
            "minimum":"0",
            "maximum":"900",
            "type":"integer",
            "format":"int32",
            "description":"<p>For this CA, determines the time tolerance value for handling clock-skew differences between clients and responders, expressed in seconds.</p><p> The validity period of the response is extended both into the future and into the past by the specified amount of time, effectively widening the validity interval.</p><p> The value is >=0 and <=900. The maximum allowed tolerance is 15 minutes.</p>"
        },
        "tags":{
            "title":"Items",
            "type":"array",
            "items":{
                "type":"string",
                "description":""
            },
            "description":"<p>Return all tags on this Configuration MBean</p>"
        },
        "type":{
            "readOnly":true,
            "x-weblogic-unharvestable":true,
            "type":"string",
            "description":"<p>Returns the type of the MBean.</p><p><h5>Constraints</h5></p><ul><li>unharvestable</li></ul>"
        }
    },
    "description":""
}



                
                
    Nested Schema : Items
    
      
      Type: array
    

    

    
    Title: Items
    

    

    

    

    

    

    

    

    

    

    

    

    

    

    

    

    

    

    

    

    
    Return all tags on this Configuration MBean
    

    

    

    

    
        Show Source
        
            
            
            Array of: 
                string
            
            
                
                





























                
            
            
            
        
        {
    "title":"Items",
    "type":"array",
    "items":{
        "type":"string",
        "description":""
    },
    "description":"<p>Return all tags on this Configuration MBean</p>"
}



                

                

                
                
                Security
                
                    
                        
                        
                        Admin: basic
                        
                        
                            


Type: basic



Description: A user in the Admin security role.

                        
                        
                        
                    
                
                
                
                
                Back to Top

                Response

                



                
                
                201 Response
                
                

                


                
                
                
                

				Back to Top