Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
Oracle Fusion Middleware
Java API Reference for Oracle WebLogic Server
12c (12.1.2)

Part Number E27170-02
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    All Classes
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

weblogic.management.configuration
Interface CertRevocCaMBean

All Superinterfaces:
ConfigurationMBean, DescriptorBean, DynamicMBean, MBeanRegistration, NotificationBroadcaster, SettableBean, WebLogicMBean
public interface CertRevocCaMBean
extends ConfigurationMBean

This MBean represents the configuration of certificate revocation checking for a specific certificate authority. Default values for attributes in this MBean are derived from CertRevocMBean.

See Also:
CertRevocMBean

Field Summary
 
Fields inherited from interface weblogic.management.configuration.ConfigurationMBean
DEFAULT_EMPTY_BYTE_ARRAY
 
Method Summary
 long getCrlDpDownloadTimeout()
          For this CA, determines the overall timeout for the Distribution Point CRL download, expressed in seconds.
 String getCrlDpUrl()
          For this CA, determines the CRL Distribution Point URL to use as failover or override for the URL found in the CRLDistributionPoints extension in the certificate.
 String getCrlDpUrlUsage()
          For this CA, determines how getCrlDpUrl is used: as failover in case the URL in the certificate CRLDistributionPoints extension is invalid or not found, or as a value overriding the URL found in the certificate CRLDistributionPoints extension.
 String getDistinguishedName()
          Determines the identity of this per-CA configuration using the distinguished name (defined in RFC 2253), which is used in certificates issued by the represented certificate authority.
 String getMethodOrder()
          For this CA, determines the certificate revocation checking method order.
 String getOcspResponderCertIssuerName()
          For this CA, determines the explicitly trusted OCSP responder certificate issuer name, when the attribute returned by getOcspResponderExplicitTrustMethod is "USE_ISSUER_SERIAL_NUMBER".
 String getOcspResponderCertSerialNumber()
          For this CA, determines the explicitly trusted OCSP responder certificate serial number, when the attribute returned by getOcspResponderExplicitTrustMethod is "USE_ISSUER_SERIAL_NUMBER".
 String getOcspResponderCertSubjectName()
          For this CA, determines the explicitly trusted OCSP responder certificate subject name, when the attribute returned by getOcspResponderExplicitTrustMethod is "USE_SUBJECT".
 String getOcspResponderExplicitTrustMethod()
          For this CA, determines whether the OCSP Explicit Trust model is enabled and how the trusted certificate is specified.
 String getOcspResponderUrl()
          For this CA, determines the OCSP responder URL to use as failover or override for the URL found in the certificate AIA.
 String getOcspResponderUrlUsage()
          For this CA, determines how getOcspResponderUrl is used: as failover in case the URL in the certificate AIA is invalid or not found, or as a value overriding the URL found in the certificate AIA.
 long getOcspResponseTimeout()
          For this CA, determines the timeout for the OCSP response, expressed in seconds.
 int getOcspTimeTolerance()
          For this CA, determines the time tolerance value for handling clock-skew differences between clients and responders, expressed in seconds.
 boolean isCheckingDisabled()
          For this CA, determines whether certificate revocation checking is disabled.
 boolean isCrlDpBackgroundDownloadEnabled()
          For this CA, determines whether the CRL Distribution Point background downloading, to automatically update the local CRL cache, is enabled.
 boolean isCrlDpEnabled()
          For this CA, determines whether the CRL Distribution Point processing to update the local CRL cache is enabled.
 boolean isFailOnUnknownRevocStatus()
          For this CA, determines whether certificate path checking should fail, if revocation status could not be determined.
 boolean isOcspNonceEnabled()
          For this CA, determines whether a nonce is sent with OCSP requests, to force a fresh (not pre-signed) response.
 boolean isOcspResponseCacheEnabled()
          For this CA, determines whether the OCSP response local cache is enabled.
 void setCheckingDisabled(boolean checkingDisabled)
          For this CA, specifies whether certificate revocation checking is disabled.
 void setCrlDpBackgroundDownloadEnabled(boolean crlDpBackgroundDownloadEnabled)
          For this CA, specifies whether the CRL Distribution Point background downloading, to automatically update the local CRL cache, is enabled.
 void setCrlDpDownloadTimeout(long crlDpDownloadTimeout)
          For this CA, specifies the overall timeout for the Distribution Point CRL download, expressed in seconds.
 void setCrlDpEnabled(boolean crlDpEnabled)
          For this CA, specifies whether the CRL Distribution Point processing to update the local CRL cache is enabled.
 void setCrlDpUrl(String crlDpUrl)
          For this CA, specifies the CRL Distribution Point URL to use as failover or override for the URL found in the CRLDistributionPoints extension in the certificate.
 void setCrlDpUrlUsage(String crlDpUrlUsage)
          For this CA, specifies how getCrlDpUrl is used: as failover in case the URL in the certificate CRLDistributionPoints extension is invalid or not found, or as a value overriding the URL found in the certificate CRLDistributionPoints extension.
 void setDistinguishedName(String distinguishedName)
          Specifies the identity of this per-CA configuration using the distinguished name (defined in RFC 2253), which is used in certificates issued by the represented certificate authority.
 void setFailOnUnknownRevocStatus(boolean failOnUnknownRevocStatus)
          For this CA, specifies whether certificate path checking should fail, if revocation status could not be determined.
 void setMethodOrder(String methodOrder)
          For this CA, specifies the certificate revocation checking method order.
 void setOcspNonceEnabled(boolean ocspNonceEnabled)
          For this CA, specifies whether a nonce is sent with OCSP requests, to force a fresh (not pre-signed) response.
 void setOcspResponderCertIssuerName(String ocspResponderCertIssuerName)
          For this CA, specifies the explicitly trusted OCSP responder certificate issuer name, when the attribute returned by getOcspResponderExplicitTrustMethod is "USE_ISSUER_SERIAL_NUMBER".
 void setOcspResponderCertSerialNumber(String ocspResponderCertSerialNumber)
          For this CA, specifies the explicitly trusted OCSP responder certificate serial number, when the attribute returned by getOcspResponderExplicitTrustMethod is "USE_ISSUER_SERIAL_NUMBER".
 void setOcspResponderCertSubjectName(String ocspResponderCertSubjectName)
          For this CA, specifies the explicitly trusted OCSP responder certificate subject name, when the attribute returned by getOcspResponderExplicitTrustMethod is "USE_SUBJECT".
 void setOcspResponderExplicitTrustMethod(String ocspResponderExplicitTrustMethod)
          For this CA, specifies whether the OCSP Explicit Trust model is enabled and how the trusted certificate is specified.
 void setOcspResponderUrl(String ocspResponderUrl)
          For this CA, specifies the OCSP responder URL to use as failover or override for the URL found in the certificate AIA.
 void setOcspResponderUrlUsage(String ocspResponderUrlUsage)
          For this CA, specifies how getOcspResponderUrl is used: as failover in case the URL in the certificate AIA is invalid or not found, or as a value overriding the URL found in the certificate AIA.
 void setOcspResponseCacheEnabled(boolean ocspResponseCacheEnabled)
          For this CA, specifies whether the OCSP response local cache is enabled.
 void setOcspResponseTimeout(long ocspResponseTimeout)
          For this CA, specifies the timeout for the OCSP response, expressed in seconds.
 void setOcspTimeTolerance(int ocspTimeTolerance)
          For this CA, specifies the time tolerance value for handling clock-skew differences between clients and responders, expressed in seconds.
 
Methods inherited from interface weblogic.management.configuration.ConfigurationMBean
freezeCurrentValue, getId, getInheritedProperties, getName, getNotes, isDynamicallyCreated, isInherited, isSet, restoreDefaultValue, setComments, setDefaultedMBean, setName, setNotes, setPersistenceEnabled, unSet
 
Methods inherited from interface weblogic.management.WebLogicMBean
getMBeanInfo, getObjectName, getParent, getType, isCachingDisabled, isRegistered, setParent
 
Methods inherited from interface javax.management.DynamicMBean
getAttribute, getAttributes, invoke, setAttribute, setAttributes
 
Methods inherited from interface javax.management.MBeanRegistration
postDeregister, postRegister, preDeregister, preRegister
 
Methods inherited from interface javax.management.NotificationBroadcaster
addNotificationListener, getNotificationInfo, removeNotificationListener
 
Methods inherited from interface weblogic.descriptor.DescriptorBean
addPropertyChangeListener, createChildCopyIncludingObsolete, getParentBean, isEditable, removePropertyChangeListener
 

Method Detail

getDistinguishedName

String getDistinguishedName()
Determines the identity of this per-CA configuration using the distinguished name (defined in RFC 2253), which is used in certificates issued by the represented certificate authority.

For example:
"CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US"

This will be used to match this configuration to issued certificates requiring revocation checking.

Returns:
A distinguishedName value
Changes take effect after you redeploy the module or restart the server.
Default Value:
CertRevocCaMBean.DEFAULT_DISTINGUISHED_NAME

setDistinguishedName

void setDistinguishedName(String distinguishedName)
Specifies the identity of this per-CA configuration using the distinguished name (defined in RFC 2253), which is used in certificates issued by the represented certificate authority.

For example:
"CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US"

This will be used to match this configuration to issued certificates requiring revocation checking.

Parameters:
distinguishedName - A distinguishedName value
See Also:
CertRevocCaMBean.getDistinguishedName()

isCheckingDisabled

boolean isCheckingDisabled()

For this CA, determines whether certificate revocation checking is disabled.

Returns:
The checkingDisabled value
Changes take effect after you redeploy the module or restart the server.
Default Value:
CertRevocCaMBean.DEFAULT_CHECKING_DISABLED

setCheckingDisabled

void setCheckingDisabled(boolean checkingDisabled)

For this CA, specifies whether certificate revocation checking is disabled.

Parameters:
checkingDisabled - The checkingDisabled value
See Also:
CertRevocCaMBean.isCheckingDisabled()

isFailOnUnknownRevocStatus

boolean isFailOnUnknownRevocStatus()

For this CA, determines whether certificate path checking should fail, if revocation status could not be determined.

Returns:
The failOnUnknownRevocStatus value
Changes take effect after you redeploy the module or restart the server.

setFailOnUnknownRevocStatus

void setFailOnUnknownRevocStatus(boolean failOnUnknownRevocStatus)

For this CA, specifies whether certificate path checking should fail, if revocation status could not be determined.

Parameters:
failOnUnknownRevocStatus - The failOnUnknownRevocStatus value
See Also:
CertRevocCaMBean.isFailOnUnknownRevocStatus()

getMethodOrder

String getMethodOrder()

For this CA, determines the certificate revocation checking method order.

NOTE THAT omission of a specific method disables that method.

Returns:
A String containing the method order.
Changes take effect after you redeploy the module or restart the server.
Valid Values:
CertRevocMBean.METHOD_OCSP, CertRevocMBean.METHOD_CRL, CertRevocMBean.METHOD_OCSP_THEN_CRL, CertRevocMBean.METHOD_CRL_THEN_OCSP

setMethodOrder

void setMethodOrder(String methodOrder)

For this CA, specifies the certificate revocation checking method order.

NOTE THAT omission of a specific method disables that method.

Parameters:
methodOrder - A String containing the method order.
See Also:
CertRevocCaMBean.getMethodOrder()

getOcspResponderUrl

String getOcspResponderUrl()

For this CA, determines the OCSP responder URL to use as failover or override for the URL found in the certificate AIA. The usage is determined by getOcspResponderUrlUsage.

Returns:
The ocspResponderUrl value, null if none.
See Also:
CertRevocCaMBean.getOcspResponderUrlUsage()
Changes take effect after you redeploy the module or restart the server.
Default Value:
CertRevocCaMBean.DEFAULT_OCSP_RESPONDER_URL

setOcspResponderUrl

void setOcspResponderUrl(String ocspResponderUrl)

For this CA, specifies the OCSP responder URL to use as failover or override for the URL found in the certificate AIA. The usage is determined by getOcspResponderUrlUsage.

Parameters:
ocspResponderUrl - The ocspResponderUrl value, null if none.
See Also:
CertRevocCaMBean.getOcspResponderUrl(), CertRevocCaMBean.getOcspResponderUrlUsage()

getOcspResponderUrlUsage

String getOcspResponderUrlUsage()

For this CA, determines how getOcspResponderUrl is used: as failover in case the URL in the certificate AIA is invalid or not found, or as a value overriding the URL found in the certificate AIA.

Returns:
The ocspResponderUrlUsage value
See Also:
CertRevocCaMBean.getOcspResponderUrl()
Changes take effect after you redeploy the module or restart the server.
Default Value:
CertRevocCaMBean.DEFAULT_OCSP_RESPONDER_URL_USAGE
Valid Values:
CertRevocCaMBean.USAGE_FAILOVER, CertRevocCaMBean.USAGE_OVERRIDE

setOcspResponderUrlUsage

void setOcspResponderUrlUsage(String ocspResponderUrlUsage)

For this CA, specifies how getOcspResponderUrl is used: as failover in case the URL in the certificate AIA is invalid or not found, or as a value overriding the URL found in the certificate AIA.

Parameters:
ocspResponderUrlUsage - The ocspResponderUrlUsage value
See Also:
CertRevocCaMBean.getOcspResponderUrl(), CertRevocCaMBean.getOcspResponderUrlUsage()

getOcspResponderExplicitTrustMethod

String getOcspResponderExplicitTrustMethod()
For this CA, determines whether the OCSP Explicit Trust model is enabled and how the trusted certificate is specified.

The valid values:

"NONE"
Explicit Trust is disabled
"USE_SUBJECT"
Identify the trusted certificate using the subject DN specified in the attribute CertRevocCaMBean.getOcspResponderCertSubjectName().
"USE_ISSUER_SERIAL_NUMBER"
Identify the trusted certificate using the issuer DN and certificate serial number specified in the attributes CertRevocCaMBean.getOcspResponderCertIssuerName() and CertRevocCaMBean.getOcspResponderCertSerialNumber(), respectively.

Returns:
The ocspResponderExplicitTrustMethod value
Changes take effect after you redeploy the module or restart the server.
Default Value:
CertRevocCaMBean.DEFAULT_OCSP_RESPONDER_EXPLICIT_TRUST_METHOD
Valid Values:
CertRevocCaMBean.OCSP_EXPLICIT_TRUST_METHOD_NONE, CertRevocCaMBean.OCSP_EXPLICIT_TRUST_METHOD_USE_SUBJECT, CertRevocCaMBean.OCSP_EXPLICIT_TRUST_METHOD_USE_ISSUER_SERIAL_NUMBER

setOcspResponderExplicitTrustMethod

void setOcspResponderExplicitTrustMethod(String ocspResponderExplicitTrustMethod)
For this CA, specifies whether the OCSP Explicit Trust model is enabled and how the trusted certificate is specified.

The valid values:

"NONE"
Explicit Trust is disabled
"USE_SUBJECT"
Identify the trusted certificate using the subject DN specified in the attribute CertRevocCaMBean.getOcspResponderCertSubjectName().
"USE_ISSUER_SERIAL_NUMBER"
Identify the trusted certificate using the issuer DN and certificate serial number specified in the attributes CertRevocCaMBean.getOcspResponderCertIssuerName() and CertRevocCaMBean.getOcspResponderCertSerialNumber(), respectively.

Parameters:
ocspResponderExplicitTrustMethod - The ocspResponderExplicitTrustMethod value
See Also:
CertRevocCaMBean.getOcspResponderExplicitTrustMethod()

getOcspResponderCertSubjectName

String getOcspResponderCertSubjectName()
For this CA, determines the explicitly trusted OCSP responder certificate subject name, when the attribute returned by getOcspResponderExplicitTrustMethod is "USE_SUBJECT".

The subject name is formatted as a distinguished name per RFC 2253, for example "CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US".

In cases where the subject name alone is not sufficient to uniquely identify the certificate, then both the CertRevocCaMBean.getOcspResponderCertIssuerName() and CertRevocCaMBean.getOcspResponderCertSerialNumber() may be used instead.

Returns:
The ocspResponderCertSubjectName value, null if none.
See Also:
CertRevocCaMBean.getOcspResponderExplicitTrustMethod()
Changes take effect after you redeploy the module or restart the server.
Default Value:
CertRevocCaMBean.DEFAULT_OCSP_RESPONDER_CERT_SUBJECT_NAME

setOcspResponderCertSubjectName

void setOcspResponderCertSubjectName(String ocspResponderCertSubjectName)
For this CA, specifies the explicitly trusted OCSP responder certificate subject name, when the attribute returned by getOcspResponderExplicitTrustMethod is "USE_SUBJECT".

The subject name is formatted as a distinguished name per RFC 2253, for example "CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US".

In cases where the subject name alone is not sufficient to uniquely identify the certificate, then both the CertRevocCaMBean.getOcspResponderCertIssuerName() and CertRevocCaMBean.getOcspResponderCertSerialNumber() may be used instead.

Parameters:
ocspResponderCertSubjectName - The ocspResponderCertSubjectName value, null if none.
See Also:
CertRevocCaMBean.getOcspResponderCertSubjectName(), CertRevocCaMBean.getOcspResponderExplicitTrustMethod()

getOcspResponderCertIssuerName

String getOcspResponderCertIssuerName()
For this CA, determines the explicitly trusted OCSP responder certificate issuer name, when the attribute returned by getOcspResponderExplicitTrustMethod is "USE_ISSUER_SERIAL_NUMBER".

The issuer name is formatted as a distinguished name per RFC 2253, for example "CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US".

When CertRevocCaMBean.getOcspResponderCertIssuerName() returns a non-null value then the CertRevocCaMBean.getOcspResponderCertSerialNumber() must also be set.

Returns:
The ocspResponderCertIssuerName value, null if none.
See Also:
CertRevocCaMBean.getOcspResponderExplicitTrustMethod()
Changes take effect after you redeploy the module or restart the server.
Default Value:
CertRevocCaMBean.DEFAULT_OCSP_RESPONDER_CERT_ISSUER_NAME

setOcspResponderCertIssuerName

void setOcspResponderCertIssuerName(String ocspResponderCertIssuerName)
For this CA, specifies the explicitly trusted OCSP responder certificate issuer name, when the attribute returned by getOcspResponderExplicitTrustMethod is "USE_ISSUER_SERIAL_NUMBER".

The issuer name is formatted as a distinguished name per RFC 2253, for example "CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US".

When CertRevocCaMBean.getOcspResponderCertIssuerName() returns a non-null value then the CertRevocCaMBean.getOcspResponderCertSerialNumber() must also be set.

Parameters:
ocspResponderCertIssuerName - The ocspResponderCertIssuerName value, null if none.
See Also:
CertRevocCaMBean.getOcspResponderCertIssuerName(), CertRevocCaMBean.getOcspResponderExplicitTrustMethod()

getOcspResponderCertSerialNumber

String getOcspResponderCertSerialNumber()
For this CA, determines the explicitly trusted OCSP responder certificate serial number, when the attribute returned by getOcspResponderExplicitTrustMethod is "USE_ISSUER_SERIAL_NUMBER".

The serial number is formatted as a hexidecimal string, with optional colon or space separators, for example "2A:FF:00".

When CertRevocCaMBean.getOcspResponderCertSerialNumber() returns a non-null value then the CertRevocCaMBean.getOcspResponderCertIssuerName() must also be set.

Returns:
The ocspResponderCertSerialNumber value, null if none.
See Also:
CertRevocCaMBean.getOcspResponderExplicitTrustMethod()
Changes take effect after you redeploy the module or restart the server.
Default Value:
CertRevocCaMBean.DEFAULT_OCSP_RESPONDER_CERT_SERIAL_NUMBER

setOcspResponderCertSerialNumber

void setOcspResponderCertSerialNumber(String ocspResponderCertSerialNumber)
For this CA, specifies the explicitly trusted OCSP responder certificate serial number, when the attribute returned by getOcspResponderExplicitTrustMethod is "USE_ISSUER_SERIAL_NUMBER".

The serial number is formatted as a hexidecimal string, with optional colon or space separators, for example "2A:FF:00".

When CertRevocCaMBean.getOcspResponderCertSerialNumber() returns a non-null value then the CertRevocCaMBean.getOcspResponderCertIssuerName() must also be set.

Parameters:
ocspResponderCertSerialNumber - The ocspResponderCertSerialNumber value, null if none.
See Also:
CertRevocCaMBean.getOcspResponderCertSerialNumber(), CertRevocCaMBean.getOcspResponderExplicitTrustMethod()

isOcspNonceEnabled

boolean isOcspNonceEnabled()

For this CA, determines whether a nonce is sent with OCSP requests, to force a fresh (not pre-signed) response.

Returns:
The ocspNonceEnabled value
Changes take effect after you redeploy the module or restart the server.

setOcspNonceEnabled

void setOcspNonceEnabled(boolean ocspNonceEnabled)

For this CA, specifies whether a nonce is sent with OCSP requests, to force a fresh (not pre-signed) response.

Parameters:
ocspNonceEnabled - The ocspNonceEnabled value
See Also:
CertRevocCaMBean.isOcspNonceEnabled()

isOcspResponseCacheEnabled

boolean isOcspResponseCacheEnabled()

For this CA, determines whether the OCSP response local cache is enabled.

Returns:
The ocspResponseCacheEnabled value
Changes take effect after you redeploy the module or restart the server.

setOcspResponseCacheEnabled

void setOcspResponseCacheEnabled(boolean ocspResponseCacheEnabled)

For this CA, specifies whether the OCSP response local cache is enabled.

Parameters:
ocspResponseCacheEnabled - The ocspResponseCacheEnabled value
See Also:
CertRevocCaMBean.isOcspResponseCacheEnabled()

getOcspResponseTimeout

long getOcspResponseTimeout()
For this CA, determines the timeout for the OCSP response, expressed in seconds.

The valid range is 1 thru 300 seconds.

Returns:
The ocspResponseTimeout in seconds.
Changes take effect after you redeploy the module or restart the server.
Maximum Value:
CertRevocMBean.MAX_OCSP_RESPONSE_TIMEOUT
Minimum Value:
CertRevocMBean.MIN_OCSP_RESPONSE_TIMEOUT

setOcspResponseTimeout

void setOcspResponseTimeout(long ocspResponseTimeout)
For this CA, specifies the timeout for the OCSP response, expressed in seconds.

The valid range is 1 thru 300 seconds.

Parameters:
ocspResponseTimeout - The ocspResponseTimeout in seconds.
See Also:
CertRevocCaMBean.getOcspResponseTimeout()

getOcspTimeTolerance

int getOcspTimeTolerance()
For this CA, determines the time tolerance value for handling clock-skew differences between clients and responders, expressed in seconds.

The validity period of the response is extended both into the future and into the past by the specified amount of time, effectively widening the validity interval.

The value is >=0 and <=900. The maximum allowed tolerance is 15 minutes.

Returns:
The ocspTimeTolerance value in seconds.
Changes take effect after you redeploy the module or restart the server.
Maximum Value:
CertRevocMBean.MAX_OCSP_TIME_TOLERANCE
Minimum Value:
CertRevocMBean.MIN_OCSP_TIME_TOLERANCE

setOcspTimeTolerance

void setOcspTimeTolerance(int ocspTimeTolerance)
For this CA, specifies the time tolerance value for handling clock-skew differences between clients and responders, expressed in seconds.

The validity period of the response is extended both into the future and into the past by the specified amount of time, effectively widening the validity interval.

The value is >=0 and <=900. The maximum allowed tolerance is 15 minutes.

Parameters:
ocspTimeTolerance - The ocspTimeTolerance value in seconds.
See Also:
CertRevocCaMBean.getOcspTimeTolerance()

isCrlDpEnabled

boolean isCrlDpEnabled()
For this CA, determines whether the CRL Distribution Point processing to update the local CRL cache is enabled.

Returns:
The crlDpEnabled value
Changes take effect after you redeploy the module or restart the server.

setCrlDpEnabled

void setCrlDpEnabled(boolean crlDpEnabled)
For this CA, specifies whether the CRL Distribution Point processing to update the local CRL cache is enabled.

Parameters:
crlDpEnabled - The crlDpEnabled value
See Also:
CertRevocCaMBean.isCrlDpEnabled()

getCrlDpDownloadTimeout

long getCrlDpDownloadTimeout()
For this CA, determines the overall timeout for the Distribution Point CRL download, expressed in seconds.

The valid range is 1 thru 300 seconds.

Returns:
The crlDpDownloadTimeout value in seconds.
Changes take effect after you redeploy the module or restart the server.
Maximum Value:
CertRevocMBean.MAX_CRL_DP_DOWNLOAD_TIMEOUT
Minimum Value:
CertRevocMBean.MIN_CRL_DP_DOWNLOAD_TIMEOUT

setCrlDpDownloadTimeout

void setCrlDpDownloadTimeout(long crlDpDownloadTimeout)
For this CA, specifies the overall timeout for the Distribution Point CRL download, expressed in seconds.

The valid range is 1 thru 300 seconds.

Parameters:
crlDpDownloadTimeout - The crlDpDownloadTimeout value in seconds.
See Also:
CertRevocCaMBean.getCrlDpDownloadTimeout()

isCrlDpBackgroundDownloadEnabled

boolean isCrlDpBackgroundDownloadEnabled()
For this CA, determines whether the CRL Distribution Point background downloading, to automatically update the local CRL cache, is enabled.

Returns:
The crlDpBackgroundDownloadEnabled value
Changes take effect after you redeploy the module or restart the server.

setCrlDpBackgroundDownloadEnabled

void setCrlDpBackgroundDownloadEnabled(boolean crlDpBackgroundDownloadEnabled)
For this CA, specifies whether the CRL Distribution Point background downloading, to automatically update the local CRL cache, is enabled.

Parameters:
crlDpBackgroundDownloadEnabled - The crlDpBackgroundDownloadEnabled value
See Also:
CertRevocCaMBean.isCrlDpBackgroundDownloadEnabled()

getCrlDpUrl

String getCrlDpUrl()
For this CA, determines the CRL Distribution Point URL to use as failover or override for the URL found in the CRLDistributionPoints extension in the certificate.

Returns:
The CRL Distribution Point URL to use for failover or override, null if none.
See Also:
CertRevocCaMBean.getCrlDpUrlUsage()
Changes take effect after you redeploy the module or restart the server.
Default Value:
CertRevocCaMBean.DEFAULT_CRL_DP_URL

setCrlDpUrl

void setCrlDpUrl(String crlDpUrl)
For this CA, specifies the CRL Distribution Point URL to use as failover or override for the URL found in the CRLDistributionPoints extension in the certificate.

Parameters:
crlDpUrl - The CRL Distribution Point URL to use for failover or override, null if none.
See Also:
CertRevocCaMBean.getCrlDpUrlUsage(), CertRevocCaMBean.getCrlDpUrl()

getCrlDpUrlUsage

String getCrlDpUrlUsage()
For this CA, determines how getCrlDpUrl is used: as failover in case the URL in the certificate CRLDistributionPoints extension is invalid or not found, or as a value overriding the URL found in the certificate CRLDistributionPoints extension.

Returns:
The crlDpUrlUsage value
See Also:
CertRevocCaMBean.getCrlDpUrl()
Changes take effect after you redeploy the module or restart the server.
Default Value:
CertRevocCaMBean.DEFAULT_CRL_DP_URL_USAGE
Valid Values:
CertRevocCaMBean.USAGE_FAILOVER, CertRevocCaMBean.USAGE_OVERRIDE

setCrlDpUrlUsage

void setCrlDpUrlUsage(String crlDpUrlUsage)
For this CA, specifies how getCrlDpUrl is used: as failover in case the URL in the certificate CRLDistributionPoints extension is invalid or not found, or as a value overriding the URL found in the certificate CRLDistributionPoints extension.

Parameters:
crlDpUrlUsage - The crlDpUrlUsage value
See Also:
CertRevocCaMBean.getCrlDpUrlUsage(), CertRevocCaMBean.getCrlDpUrl()
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
Copyright 1996, 2013, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.

Oracle Fusion Middleware
Java API Reference for Oracle WebLogic Server
12c (12.1.2)

Part Number E27170-02
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    All Classes
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD