• Home
• io.helidon
• helidon-docs
• 4.0.11
• source code
• io_helidon_common_tls_RevocationConfig.adoc

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

config.io_helidon_common_tls_RevocationConfig.adoc Maven / Gradle / Ivy

///////////////////////////////////////////////////////////////////////////////

    Copyright (c) 2024 Oracle and/or its affiliates.

    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.
    You may obtain a copy of the License at

        http://www.apache.org/licenses/LICENSE-2.0

    Unless required by applicable law or agreed to in writing, software
    distributed under the License is distributed on an "AS IS" BASIS,
    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    See the License for the specific language governing permissions and
    limitations under the License.

///////////////////////////////////////////////////////////////////////////////

ifndef::rootdir[:rootdir: {docdir}/..]
:description: Configuration of io.helidon.common.tls.RevocationConfig
:keywords: helidon, config, io.helidon.common.tls.RevocationConfig
:basic-table-intro: The table below lists the configuration keys that configure io.helidon.common.tls.RevocationConfig
include::{rootdir}/includes/attributes.adoc[]

= RevocationConfig (common.tls) Configuration

// tag::config[]


Type: link:{javadoc-base-url}/io.helidon.common.tls/io/helidon/common/tls/RevocationConfig.html[io.helidon.common.tls.RevocationConfig]




== Configuration options



.Optional configuration options
[cols="3,3a,2,5a"]

|===
|key |type |default value |description

|`check-only-end-entity` |boolean |`false` |Only check the revocation status of end-entity certificates.
 Default value is `false`.

 @return whether to check only end-entity certificates
|`enabled` |boolean |`false` |Flag indicating whether this revocation config is enabled.

 @return enabled flag
|`fallback-enabled` |boolean |`true` |Enable fallback to the less preferred checking option.

 @return whether to allow fallback to the less preferred checking option
|`ocsp-responder-uri` |URI |{nbsp} |The URI that identifies the location of the OCSP responder. This
 overrides the `ocsp.responderURL` security property and any
 responder specified in a certificate's Authority Information Access
 Extension, as defined in RFC 5280.

 @return OCSP responder URI
|`prefer-crl-over-ocsp` |boolean |`false` |Prefer CRL over OCSP.
 Default value is `false`.

 @return whether to prefer CRL over OCSP
|`soft-fail-enabled` |boolean |`false` |Allow revocation check to succeed if the revocation status cannot be
 determined for one of the following reasons:

- The CRL or OCSP response cannot be obtained because of a
      network error.
  
- The OCSP responder returns one of the following errors
      specified in section 2.3 of RFC 2560: internalError or tryLater.

@return whether soft fail is enabled

|===

// end::config[]