Interface IOcspClient

    • Method Summary

      All Methods Instance Methods Abstract Methods 
      Modifier and Type Method Description
      byte[] getEncoded​(java.security.cert.X509Certificate checkCert, java.security.cert.X509Certificate issuerCert, java.lang.String url)
      Fetch a DER-encoded BasicOCSPResponse from an OCSP responder.
    • Method Detail

      • getEncoded

        byte[] getEncoded​(java.security.cert.X509Certificate checkCert,
                          java.security.cert.X509Certificate issuerCert,
                          java.lang.String url)
        Fetch a DER-encoded BasicOCSPResponse from an OCSP responder. The method should not throw an exception.

        Note: do not pass in the full DER-encoded OCSPResponse object obtained from the responder, only the DER-encoded BasicOCSPResponse value contained in the response data.

        Parameters:
        checkCert - Certificate to check.
        issuerCert - The parent certificate.
        url - The URL of the OCSP responder endpoint. If null, implementations can attempt to obtain a URL from the AuthorityInformationAccess extension of the certificate, or from another implementation-specific source.
        Returns:
        a byte array containing a DER-encoded BasicOCSPResponse structure or null if one could not be obtained
        See Also:
        RFC 6960 ยง 4.2.1