| Interface | Description |
|---|---|
| CRLFetcher |
Defines operations needed to a fetch a CRL.
|
| RevocationChecker |
Strategy interface for checking revocation status of a certificate.
|
| RevocationPolicy<T> |
Strategy interface for enforcing various policy matters related to certificate
revocation, such as what to do when revocation data is unavailable or stale.
|
| Class | Description |
|---|---|
| AbstractCRLRevocationChecker |
Base class for all CRL-based revocation checkers.
|
| AllowRevocationPolicy |
Implements an unqualified allow policy.
|
| CRLDistributionPointRevocationChecker |
Performs CRL-based revocation checking by consulting resources defined in
the CRLDistributionPoints extension field on the certificate.
|
| DenyRevocationPolicy |
Implements a deny policy by throwing an exception.
|
| NoOpRevocationChecker |
NO-OP implementation certificate revocation checker.
|
| ResourceCRLFetcher |
Handles the fetching of CRL objects based on resources.
|
| ResourceCRLRevocationChecker |
CRL-based revocation checker that uses one or more CRL resources to fetch
local or remote CRL data periodically.
|
| ThresholdExpiredCRLRevocationPolicy |
Implements a policy to handle expired CRL data whereby expired data is permitted
up to a threshold period of time but not afterward.
|
| X509CredentialsAuthenticationHandler |
Authentication Handler that accepts X509 Certificates, determines their
validity and ensures that they were issued by a trusted issuer.
|
| Enum | Description |
|---|---|
| RevokedCertificateException.Reason |
CRL revocation reason codes per RFC 3280.
|
| Exception | Description |
|---|---|
| ExpiredCRLException |
Exception describing an expired CRL condition.
|
| RevokedCertificateException |
Exception that describes a revoked X.509 certificate.
|