|
Oracle Fusion Middleware Java API Reference for Oracle WebLogic Server 12c (12.2.1) Part Number E55141-01 P4 Change 1723563 on 2015/10/09 |
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
public interface CertRevocMBean
This MBean represents the configuration of the certificate revocation checking across all certificate authorities. Many of the attributes in this MBean may be overridden per certificate authority using the specific CertRevocCaMBean
.
CertRevocCaMBean
Field Summary |
---|
Fields inherited from interface weblogic.management.configuration.ConfigurationMBean |
---|
DEFAULT_EMPTY_BYTE_ARRAY |
Method Summary | |
---|---|
abstract CertRevocCaMBean |
createCertRevocCa(String name) This is the factory method for certificate revocation checking configuration CA overrides. |
abstract void |
destroyCertRevocCa(CertRevocCaMBean child) Destroys and removes a certificate authority override, which is a child of this certificate revocation checking configuration. |
abstract CertRevocCaMBean[] |
getCertRevocCas() Returns the CertRevocCaMBeans representing the certificate authority overrides, which have been configured to be part of this certificate revocation checking configuration. |
abstract int |
getCrlCacheRefreshPeriodPercent() Determines the refresh period for the CRL local cache, expressed as a percentage of the validity period of the CRL. |
abstract String |
getCrlCacheType() Determines the type of CRL cache, related to the physical storage of the CRLs. |
abstract String |
getCrlCacheTypeLdapHostname() Determines the remote hostname for the LDAP server containing CRLs. |
abstract int |
getCrlCacheTypeLdapPort() Determines the remote port for the LDAP server containing CRLs. |
abstract int |
getCrlCacheTypeLdapSearchTimeout() Determines how long to wait for CRL search results from the LDAP server. |
abstract long |
getCrlDpDownloadTimeout() Determines the overall timeout for the Distribution Point CRL download, expressed in seconds. |
abstract String |
getMethodOrder() Determines the certificate revocation checking method order. |
abstract int |
getOcspResponseCacheCapacity() Determines the maximum number of entries supported by the OCSP response local cache. |
abstract int |
getOcspResponseCacheRefreshPeriodPercent() Determines the refresh period for the OCSP response local cache, expressed as a percentage of the validity period of the response. |
abstract long |
getOcspResponseTimeout() Determines the timeout for the OCSP response, expressed in seconds. |
abstract int |
getOcspTimeTolerance() Determines the time tolerance value for handling clock-skew differences between clients and responders, expressed in seconds. |
abstract boolean |
isCheckingEnabled() Determines whether certificate revocation checking is enabled. |
abstract boolean |
isCrlDpBackgroundDownloadEnabled() Determines whether the CRL Distribution Point background downloading, to automatically update the local CRL cache, is enabled. |
abstract boolean |
isCrlDpEnabled() Determines whether the CRL Distribution Point processing to update the local CRL cache is enabled. |
abstract boolean |
isFailOnUnknownRevocStatus() Determines whether certificate path checking should fail, if revocation status could not be determined. |
abstract boolean |
isOcspNonceEnabled() Determines whether a nonce is sent with OCSP requests, to force a fresh (not pre-signed) response. |
abstract boolean |
isOcspResponseCacheEnabled() Determines whether the OCSP response local cache is enabled. |
abstract CertRevocCaMBean |
lookupCertRevocCa(String name) Lookup a particular CertRevocCaMBean from the list. |
abstract void |
setCheckingEnabled(boolean checkingEnabled) Specifies whether certificate revocation checking is enabled. |
abstract void |
setCrlCacheRefreshPeriodPercent(int crlCacheRefreshPeriodPercent) Specifies the refresh period for the CRL local cache, expressed as a percentage of the validity period of the CRL. |
abstract void |
setCrlCacheType(String crlCacheType) Specifies the type of CRL cache, related to the physical storage of the CRLs. |
abstract void |
setCrlCacheTypeLdapHostname(String crlCacheTypeLdapHostname) Specifies the remote hostname for the LDAP server containing CRLs. |
abstract void |
setCrlCacheTypeLdapPort(int crlCacheTypeLdapPort) Specifies the remote port for the LDAP server containing CRLs. |
abstract void |
setCrlCacheTypeLdapSearchTimeout(int crlCacheTypeLdapSearchTimeout) Specifies how long to wait for CRL search results from the LDAP server. |
abstract void |
setCrlDpBackgroundDownloadEnabled(boolean crlDpBackgroundDownloadEnabled) Specifies whether the CRL Distribution Point background downloading, to automatically update the local CRL cache, is enabled. |
abstract void |
setCrlDpDownloadTimeout(long crlDpDownloadTimeout) Specifies the overall timeout for the Distribution Point CRL download, expressed in seconds. |
abstract void |
setCrlDpEnabled(boolean crlDpEnabled) Specifies whether the CRL Distribution Point processing to update the local CRL cache is enabled. |
abstract void |
setFailOnUnknownRevocStatus(boolean failOnUnknownRevocStatus) Specifies whether certificate path checking should fail, if revocation status could not be determined. |
abstract void |
setMethodOrder(String methodOrder) Specifies the certificate revocation checking method order. |
abstract void |
setOcspNonceEnabled(boolean ocspNonceEnabled) Specifies whether a nonce is sent with OCSP requests, to force a fresh (not pre-signed) response. |
abstract void |
setOcspResponseCacheCapacity(int ocspResponseCacheCapacity) Specifies the maximum number of entries supported by the OCSP response local cache. |
abstract void |
setOcspResponseCacheEnabled(boolean ocspResponseCacheEnabled) Specifies whether the OCSP response local cache is enabled. |
abstract void |
setOcspResponseCacheRefreshPeriodPercent(int ocspResponseCacheRefreshPeriodPercent) Specifies the refresh period for the OCSP response local cache, expressed as a percentage of the validity period of the response. |
abstract void |
setOcspResponseTimeout(long ocspResponseTimeout) Specifies the timeout for the OCSP response, expressed in seconds. |
abstract void |
setOcspTimeTolerance(int ocspTimeTolerance) Specifies the time tolerance value for handling clock-skew differences between clients and responders, expressed in seconds. |
Methods inherited from interface weblogic.management.configuration.ConfigurationMBean |
---|
freezeCurrentValue, getId, getInheritedProperties, getName, getNotes, isDynamicallyCreated, isInherited, isSet, restoreDefaultValue, setComments, setDefaultedMBean, setName, setNotes, setPersistenceEnabled, unSet |
Methods inherited from interface weblogic.management.WebLogicMBean |
---|
getMBeanInfo, getObjectName, getParent, getType, isCachingDisabled, isRegistered, setParent |
Methods inherited from interface javax.management.DynamicMBean |
---|
getAttribute, getAttributes, invoke, setAttribute, setAttributes |
Methods inherited from interface javax.management.MBeanRegistration |
---|
postDeregister, postRegister, preDeregister, preRegister |
Methods inherited from interface javax.management.NotificationBroadcaster |
---|
addNotificationListener, getNotificationInfo, removeNotificationListener |
Methods inherited from interface weblogic.descriptor.DescriptorBean |
---|
addPropertyChangeListener, createChildCopyIncludingObsolete, getParentBean, isEditable, removePropertyChangeListener |
Method Detail |
---|
boolean isCheckingEnabled()
Determines whether certificate revocation checking is enabled.
void setCheckingEnabled(boolean checkingEnabled)
Specifies whether certificate revocation checking is enabled.
checkingEnabled
- The checkingEnabled valueCertRevocMBean.isCheckingEnabled()
boolean isFailOnUnknownRevocStatus()
Determines whether certificate path checking should fail, if revocation status could not be determined.
void setFailOnUnknownRevocStatus(boolean failOnUnknownRevocStatus)
Specifies whether certificate path checking should fail, if revocation status could not be determined.
failOnUnknownRevocStatus
- The failOnUnknownRevocStatus valueCertRevocMBean.isFailOnUnknownRevocStatus()
String getMethodOrder()
Determines the certificate revocation checking method order.
NOTE that omission of a specific method disables that method.
void setMethodOrder(String methodOrder)
Specifies the certificate revocation checking method order.
NOTE THAT omission of a specific method disables that method.
methodOrder
- A String containing the method order.CertRevocMBean.getMethodOrder()
boolean isOcspNonceEnabled()
Determines whether a nonce is sent with OCSP requests, to force a fresh (not pre-signed) response.
void setOcspNonceEnabled(boolean ocspNonceEnabled)
Specifies whether a nonce is sent with OCSP requests, to force a fresh (not pre-signed) response.
ocspNonceEnabled
- The ocspNonceEnabled valueCertRevocMBean.isOcspNonceEnabled()
boolean isOcspResponseCacheEnabled()
Determines whether the OCSP response local cache is enabled.
void setOcspResponseCacheEnabled(boolean ocspResponseCacheEnabled)
Specifies whether the OCSP response local cache is enabled.
ocspResponseCacheEnabled
- The ocspResponseCacheEnabled valueCertRevocMBean.isOcspResponseCacheEnabled()
int getOcspResponseCacheCapacity()
Determines the maximum number of entries supported by the OCSP response local cache. The minimum value is 1.
void setOcspResponseCacheCapacity(int ocspResponseCacheCapacity)
Specifies the maximum number of entries supported by the OCSP response local cache. The minimum value is 1.
ocspResponseCacheCapacity
- The ocspResponseCacheCapacity valueCertRevocMBean.getOcspResponseCacheCapacity()
int getOcspResponseCacheRefreshPeriodPercent()
Determines the refresh period for the OCSP response local cache, expressed as a percentage of the validity period of the response.
For example, for a validity period of 10 hours, a value of 10% specifies a refresh every 1 hour.
The validity period is determined by the OCSP response, and is calculated as the (next reported update time) - (this update time).
The valid range is 1 through 100.
void setOcspResponseCacheRefreshPeriodPercent(int ocspResponseCacheRefreshPeriodPercent)
Specifies the refresh period for the OCSP response local cache, expressed as a percentage of the validity period of the response.
For example, for a validity period of 10 hours, a value of 10% specifies a refresh every 1 hour.
The validity period is determined by the OCSP response, and is calculated as the (next reported update time) - (this update time).
The valid range is 1 through 100.
ocspResponseCacheRefreshPeriodPercent
- The ocspResponseCacheRefreshPeriodPercent valueCertRevocMBean.getOcspResponseCacheRefreshPeriodPercent()
long getOcspResponseTimeout()
Determines the timeout for the OCSP response, expressed in seconds.
The valid range is 1 thru 300 seconds.
void setOcspResponseTimeout(long ocspResponseTimeout)
Specifies the timeout for the OCSP response, expressed in seconds.
The valid range is 1 thru 300 seconds.
ocspResponseTimeout
- The ocspResponseTimeout in seconds.CertRevocMBean.getOcspResponseTimeout()
int getOcspTimeTolerance()
Determines the time tolerance value for handling clock-skew differences between clients and responders, expressed in seconds.
The validity period of the response is extended both into the future and into the past by the specified amount of time, effectively widening the validity interval.
The value is >=0 and <=900. The maximum allowed tolerance is 15 minutes.
void setOcspTimeTolerance(int ocspTimeTolerance)
Specifies the time tolerance value for handling clock-skew differences between clients and responders, expressed in seconds.
The validity period of the response is extended both into the future and into the past by the specified amount of time, effectively widening the validity interval.
The value is >=0 and <=900. The maximum allowed tolerance is 15 minutes.
ocspTimeTolerance
- The ocspTimeTolerance value in seconds.CertRevocMBean.getOcspTimeTolerance()
String getCrlCacheType()
Determines the type of CRL cache, related to the physical storage of the CRLs. The ldap
CRL cache type can be specified, but is not currently supported.
The value specified in this attribute determines which related CrlCacheType*
attributes apply.
void setCrlCacheType(String crlCacheType)
Specifies the type of CRL cache, related to the physical storage of the CRLs.
The value specified in this attribute determines which related CrlCacheType*
attributes apply. For example, if CrlCacheType
is ldap
, see related attributes like
.CertRevocMBean.getCrlCacheTypeLdapHostname()
crlCacheType
- The crlCacheType valueCertRevocMBean.getCrlCacheType()
String getCrlCacheTypeLdapHostname()
Determines the remote hostname for the LDAP server containing CRLs.
This attribute applies when value
is returned from CertRevocMBean.CRL_CACHE_TYPE_LDAP
.CertRevocMBean.getCrlCacheType()
null
if unspecified.void setCrlCacheTypeLdapHostname(String crlCacheTypeLdapHostname)
Specifies the remote hostname for the LDAP server containing CRLs.
This attribute applies when value
is returned from CertRevocMBean.CRL_CACHE_TYPE_LDAP
.CertRevocMBean.getCrlCacheType()
crlCacheTypeLdapHostname
- The crlCacheTypeLdapHostname value, null
if unspecified.CertRevocMBean.getCrlCacheTypeLdapHostname()
int getCrlCacheTypeLdapPort()
Determines the remote port for the LDAP server containing CRLs.
This attribute applies when value
is returned from CertRevocMBean.CRL_CACHE_TYPE_LDAP
.CertRevocMBean.getCrlCacheType()
void setCrlCacheTypeLdapPort(int crlCacheTypeLdapPort)
Specifies the remote port for the LDAP server containing CRLs.
This attribute applies when value
is returned from CertRevocMBean.CRL_CACHE_TYPE_LDAP
.CertRevocMBean.getCrlCacheType()
The valid range is -1, 1 through 65535.
crlCacheTypeLdapPort
- The crlCacheTypeLdapPort value, -1 if unspecified.CertRevocMBean.getCrlCacheTypeLdapPort()
int getCrlCacheTypeLdapSearchTimeout()
Determines how long to wait for CRL search results from the LDAP server.
This attribute applies when value
is returned from CertRevocMBean.CRL_CACHE_TYPE_LDAP
.CertRevocMBean.getCrlCacheType()
The valid range is 1 thru 300 seconds.
void setCrlCacheTypeLdapSearchTimeout(int crlCacheTypeLdapSearchTimeout)
Specifies how long to wait for CRL search results from the LDAP server.
This attribute applies when value
is returned from CertRevocMBean.CRL_CACHE_TYPE_LDAP
.CertRevocMBean.getCrlCacheType()
The valid range is 1 thru 300 seconds.
crlCacheTypeLdapSearchTimeout
- The crlCacheTypeLdapSearchTimeout value in seconds.CertRevocMBean.getCrlCacheTypeLdapSearchTimeout()
int getCrlCacheRefreshPeriodPercent()
Determines the refresh period for the CRL local cache, expressed as a percentage of the validity period of the CRL.
For example, for a validity period of 10 hours, a value of 10% specifies a refresh every 1 hour.
The validity period is determined by the CRL, and is calculated as the (next reported update time) - (this update time).
The valid range is 1 through 100.
void setCrlCacheRefreshPeriodPercent(int crlCacheRefreshPeriodPercent)
Specifies the refresh period for the CRL local cache, expressed as a percentage of the validity period of the CRL.
For example, for a validity period of 10 hours, a value of 10% specifies a refresh every 1 hour.
The validity period is determined by the CRL, and is calculated as the (next reported update time) - (this update time).
The valid range is 1 through 100.
crlCacheRefreshPeriodPercent
- The crlCacheRefreshPeriodPercent valueCertRevocMBean.getCrlCacheRefreshPeriodPercent()
boolean isCrlDpEnabled()
Determines whether the CRL Distribution Point processing to update the local CRL cache is enabled.
void setCrlDpEnabled(boolean crlDpEnabled)
Specifies whether the CRL Distribution Point processing to update the local CRL cache is enabled.
crlDpEnabled
- The crlDpEnabled valueCertRevocMBean.isCrlDpEnabled()
long getCrlDpDownloadTimeout()
Determines the overall timeout for the Distribution Point CRL download, expressed in seconds.
The valid range is 1 thru 300 seconds.
void setCrlDpDownloadTimeout(long crlDpDownloadTimeout)
Specifies the overall timeout for the Distribution Point CRL download, expressed in seconds.
The valid range is 1 thru 300 seconds.
crlDpDownloadTimeout
- The crlDpDownloadTimeout value in seconds.CertRevocMBean.getCrlDpDownloadTimeout()
boolean isCrlDpBackgroundDownloadEnabled()
Determines whether the CRL Distribution Point background downloading, to automatically update the local CRL cache, is enabled.
void setCrlDpBackgroundDownloadEnabled(boolean crlDpBackgroundDownloadEnabled)
Specifies whether the CRL Distribution Point background downloading, to automatically update the local CRL cache, is enabled.
crlDpBackgroundDownloadEnabled
- The crlDpBackgroundDownloadEnabled valueCertRevocMBean.isCrlDpBackgroundDownloadEnabled()
CertRevocCaMBean[] getCertRevocCas()
Returns the CertRevocCaMBeans representing the certificate authority overrides, which have been configured to be part of this certificate revocation checking configuration.
CertRevocCaMBean createCertRevocCa(String name)
This is the factory method for certificate revocation checking configuration CA overrides.
The short name, which is specified, must be unique among all object instances of type CertRevocCaMBean. The new CA override, which is created, will have this certificate revocation checking configuration as its parent and must be destroyed with the
method.CertRevocMBean.destroyCertRevocCa(weblogic.management.configuration.CertRevocCaMBean)
name
- Unique short namevoid destroyCertRevocCa(CertRevocCaMBean child)
Destroys and removes a certificate authority override, which is a child of this certificate revocation checking configuration.
child
- CertRevocCaMBean to destroyCertRevocCaMBean lookupCertRevocCa(String name)
Lookup a particular CertRevocCaMBean from the list.
name
- Unique short name
|
Copyright 1996, 2015, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Oracle Fusion Middleware Java API Reference for Oracle WebLogic Server 12c (12.2.1) Part Number E55141-01 P4 Change 1723563 on 2015/10/09 |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |