public class CrlControl extends Object
Example configuration update.mode=<'interval'|'ondemand'> # For all updateMode # Whether expired certificates are considered. Default is false expiredcerts.included=<'true'|'false'> # Whether XiPKI-customized extension xipki-CrlCertSet is included. Default is false xipki.certset=<'true'|'false'> # Whether the extension xipki-CrlCertSet contains the raw certificates. Default is true xipki.certset.certs=<'true'|'false'> # Whether the extension xipki-CrlCertSet contains the profile name of the certificate. # Default is true xipki.certset.profilename=<'true'|'false'> # List of OIDs of extensions to be embedded in CRL, # Unspecified or empty extensions indicates that the CA decides. extensions=<comma delimited OIDs of extensions> # The following settings are only for updateMode 'interval' # Number of intervals to generate a full CRL. Default is 1 # Should be greater than 0 fullcrl.intervals=<integer> # should be 0 or not greater than baseCRL.intervals. Default is 0. # 0 indicates that no deltaCRL will be generated deltacrl.intervals=<integer> overlap.minutes=<minutes of overlap> # should be less than fullCRL.intervals. # If activated, a deltaCRL will be generated only between two full CRLs deltacrl.intervals=<integer> # Exactly one of interval.minutes and interval.days should be specified # Number of minutes of one interval. At least 60 minutes interval.minutes=<minutes of one interval> # UTC time of generation of CRL, one interval covers 1 day. interval.time=<updatet time (hh:mm of UTC time)> # Whether the nextUpdate of a fullCRL is the update time of the fullCRL # Default is false fullcrl.extended.nextupdate=<'true'|'false'> # Whether only user certificates are considered in CRL # Default is false user.certs.only=<'true'|'false'> # Whether only CA certificates are considered in CRL # Default if false ca.certs.only=<'true'|'false'> # Whether Revocation reason is contained in CRL # Default is false exclude.reason=<'true'|'false'> # How the CRL entry extension invalidityDate is considered in CRL # Default is false invalidity.date=<'required'|'optional'|'forbidden'>
| Modifier and Type | Class and Description |
|---|---|
static class |
CrlControl.HourMinute |
static class |
CrlControl.UpdateMode |
| Modifier and Type | Field and Description |
|---|---|
static String |
KEY_DELTACRL_INTERVALS |
static String |
KEY_EXCLUDE_REASON |
static String |
KEY_EXPIRED_CERTS_INCLUDED |
static String |
KEY_EYTENSIONS |
static String |
KEY_FULLCRL_EXTENDED_NEXTUPDATE |
static String |
KEY_FULLCRL_INTERVALS |
static String |
KEY_INTERVAL_MINUTES |
static String |
KEY_INTERVAL_TIME |
static String |
KEY_INVALIDITY_DATE |
static String |
KEY_ONLY_CONTAINS_CACERTS |
static String |
KEY_ONLY_CONTAINS_USERCERTS |
static String |
KEY_OVERLAP_MINUTES |
static String |
KEY_UPDATE_MODE |
static String |
KEY_XIPKI_CERTSET |
static String |
KEY_XIPKI_CERTSET_CERTS |
| Constructor and Description |
|---|
CrlControl(String conf) |
| Modifier and Type | Method and Description |
|---|---|
boolean |
equals(Object obj) |
String |
getConf() |
int |
getDeltaCrlIntervals() |
Set<String> |
getExtensionOids() |
int |
getFullCrlIntervals() |
CrlControl.HourMinute |
getIntervalDayTime() |
Integer |
getIntervalMinutes() |
org.xipki.util.TripleState |
getInvalidityDateMode() |
int |
getOverlapMinutes() |
CrlControl.UpdateMode |
getUpdateMode() |
int |
hashCode() |
boolean |
isExcludeReason() |
boolean |
isExtendedNextUpdate() |
boolean |
isIncludeExpiredCerts() |
boolean |
isOnlyContainsCaCerts() |
boolean |
isOnlyContainsUserCerts() |
boolean |
isXipkiCertsetCertIncluded() |
boolean |
isXipkiCertsetIncluded() |
String |
toString() |
String |
toString(boolean verbose) |
void |
validate() |
public static final String KEY_UPDATE_MODE
public static final String KEY_EYTENSIONS
public static final String KEY_EXPIRED_CERTS_INCLUDED
public static final String KEY_XIPKI_CERTSET
public static final String KEY_XIPKI_CERTSET_CERTS
public static final String KEY_FULLCRL_INTERVALS
public static final String KEY_DELTACRL_INTERVALS
public static final String KEY_OVERLAP_MINUTES
public static final String KEY_INTERVAL_MINUTES
public static final String KEY_INTERVAL_TIME
public static final String KEY_FULLCRL_EXTENDED_NEXTUPDATE
public static final String KEY_ONLY_CONTAINS_USERCERTS
public static final String KEY_ONLY_CONTAINS_CACERTS
public static final String KEY_EXCLUDE_REASON
public static final String KEY_INVALIDITY_DATE
public CrlControl(String conf) throws org.xipki.util.InvalidConfException
org.xipki.util.InvalidConfExceptionpublic String getConf()
public String toString(boolean verbose)
public CrlControl.UpdateMode getUpdateMode()
public boolean isXipkiCertsetIncluded()
public boolean isXipkiCertsetCertIncluded()
public boolean isIncludeExpiredCerts()
public int getFullCrlIntervals()
public int getDeltaCrlIntervals()
public int getOverlapMinutes()
public Integer getIntervalMinutes()
public CrlControl.HourMinute getIntervalDayTime()
public boolean isExtendedNextUpdate()
public boolean isOnlyContainsUserCerts()
public boolean isOnlyContainsCaCerts()
public boolean isExcludeReason()
public org.xipki.util.TripleState getInvalidityDateMode()
public void validate()
throws org.xipki.util.InvalidConfException
org.xipki.util.InvalidConfExceptionCopyright © 2018. All rights reserved.