xsd.ocsp-conf.xsd Maven / Gradle / Ivy
The newest version!
To answer OCSP request via URI http://example.com/foo/abc, you can use the
combination (servlet.alias = '/', servletPath = '/foo/abc') or
(servlet.alias = '/foo', servletPath = '/abc').
Valid values are RFC2560 and RFC6960. If not present, then
RFC6960 mode will be applied.
Whether to consider certificate as revoked if CA is revoked.
Whether to support HTTP GET for small request.
The default is false.
Maximal count of entries contained in one RequestList.
Maximal size in byte of a request
The default is SIGNER.
Whether to include extension InvalidityDate in OCSP response.
The default is true.
Whether to include extension CertHash in OCSP response.
The default is false.
CertHash algorithm in the response, If this element is not present,
the hash algorithm in the request will be applied.
max-age in seconds. Only useful for OCSP request sent by HTTP GET.
Whether to ignore the expired certificates. The default is true.
Whether this flag is considered depends on the store source.
Whether to ignore the certificates that will be valid later. The default is true.
Whether this flag is considered depends on the store source.
Days of certificates stored in certstore after expiration
0 for no, -1 for forever. The default is 0 for CRL based
store and -1 for database based store
Whether Certificate with known Issuer but unknown serial number
is considered as good. The default is true for CRL based store
and false for database based store
Whether to include extension archiveCutoff in OCSP response if
retentionInterval is not 0. The default is true.
Whether to include extension crlID in OCSP response if
retentionInterval is not 0. It is ignored for database based
store. The default is true for CRL based store.
version of the request, current support values are v1.