Enum PKIXRevocationChecker.Option

All Implemented Interfaces:
Serializable, Comparable<PKIXRevocationChecker.Option>
Enclosing class:
PKIXRevocationChecker

public static enum PKIXRevocationChecker.Option
extends Enum<PKIXRevocationChecker.Option>

Various revocation options that can be specified for the revocation checking mechanism.

Enum Constants

Enum Constant and Description
NO_FALLBACK

Disable the fallback mechanism.
ONLY_END_ENTITY

Only check the revocation status of end-entity certificates.
PREFER_CRLS

Prefer CRLs to OSCP.
SOFT_FAIL

Allow revocation check to succeed if the revocation status cannot be determined for one of the following reasons: The CRL or OCSP response cannot be obtained because of a network error.

Methods

Modifier and Type Method and Description
static PKIXRevocationChecker.Option valueOf(String name)

Returns the enum constant of this type with the specified name.
static PKIXRevocationChecker.Option[] values()

Returns an array containing the constants of this enum type, in the order they are declared.

Methods inherited from class java.lang.Enum

clone, compareTo, equals, finalize, getDeclaringClass, hashCode, name, ordinal, toString, valueOf

Methods inherited from class java.lang.Object

getClass, notify, notifyAll, wait, wait, wait

Enum Constants

ONLY_END_ENTITY

public static final PKIXRevocationChecker.Option ONLY_END_ENTITY

Only check the revocation status of end-entity certificates.

PREFER_CRLS

public static final PKIXRevocationChecker.Option PREFER_CRLS

Prefer CRLs to OSCP. The default behavior is to prefer OCSP. Each PKIX implementation should document further details of their specific preference rules and fallback policies.

NO_FALLBACK

public static final PKIXRevocationChecker.Option NO_FALLBACK

Disable the fallback mechanism.

SOFT_FAIL

public static final PKIXRevocationChecker.Option SOFT_FAIL

Allow revocation check to succeed if the revocation status cannot be determined for one of the following reasons:

  • The CRL or OCSP response cannot be obtained because of a network error.
  • The OCSP responder returns one of the following errors specified in section 2.3 of RFC 2560: internalError or tryLater.

Note that these conditions apply to both OCSP and CRLs, and unless the NO_FALLBACK option is set, the revocation check is allowed to succeed only if both mechanisms fail under one of the conditions as stated above. Exceptions that cause the network errors are ignored but can be later retrieved by calling the getSoftFailExceptions method.

Methods

values

public static PKIXRevocationChecker.Option[] values()

Returns an array containing the constants of this enum type, in the order they are declared. This method may be used to iterate over the constants as follows: 

for (PKIXRevocationChecker.Option c : PKIXRevocationChecker.Option.values())
    System.out.println(c);

Returns:
an array containing the constants of this enum type, in the order they are declared

valueOf

public static PKIXRevocationChecker.Option valueOf(String name)

Returns the enum constant of this type with the specified name. The string must match exactly an identifier used to declare an enum constant in this type. (Extraneous whitespace characters are not permitted.)

Parameters:
name - the name of the enum constant to be returned.
Returns:
the enum constant with the specified name
Throws:
IllegalArgumentException - if this enum type has no constant with the specified name
NullPointerException - if the argument is null

© 1993, 2020, Oracle and/or its affiliates. All rights reserved.
Documentation extracted from Debian's OpenJDK Development Kit package.
Licensed under the GNU General Public License, version 2, with the Classpath Exception.
Various third party code in OpenJDK is licensed under different licenses (see Debian package).
Java and OpenJDK are trademarks or registered trademarks of Oracle and/or its affiliates.
https://docs.oracle.com/javase/8/docs/api/java/security/cert/PKIXRevocationChecker.Option.html