Jump to

• Request
• Response

View This Cert Revoc Ca

get

/management/weblogic/{version}/serverConfig/securityConfiguration/certRevoc/certRevocCas/{name}

View this cert revoc ca.

Request

Path Parameters

• name: string
  The name property of the instance in the collection.
• version: string
  The version of the WebLogic REST interface.

Query Parameters

• excludeFields(optional): string
  The 'excludeFields' query parameter is used to restrict which fields are returned in the response. It is a comma separated list of field names. If present, only fields whose name is not on the list will be returned. If not present, all fields are returned (unless the 'fields' query parameter is specified). Note: 'fields' must not be specified if 'excludeFields' is specified.
• excludeLinks(optional): string
  The 'excludeLinks' query parameter is used to restrict which links are returned in the response. It is a comma separated list of link relationship names. If present, only links whose relationship name is not on the list will be returned. If not present, all links are returned (unless the 'links' query parameter is specified). Note: 'links' must not be specified if 'excludeLinks' is specified.
• fields(optional): string
  The 'fields' query parameter is used to restrict which fields are returned in the response. It is a comma separated list of field names. If present, only fields with matching names are returned. If not present, all fields are returned (unless the 'excludeFields' query parameter is specified). Note: 'excludeFields' must not be specified if 'fields' is specified.
• links(optional): string
  The 'links' query parameter is used to restrict which links are returned in the response. It is a comma separated list of link relationship names. If present, only links with matching relationship names are returned. If not present, all links are returned (unless the 'excludeLinks' query parameter is specified). Note: 'excludeLinks' must not be specified if 'links' is specified.

Security

• Admin: basic
  Type: basic

  Description: A user in the Admin security role.
• Deployer: basic
  Type: basic

  Description: A user in the Deployer security role.
• Monitor: basic
  Type: basic

  Description: A user in the Monitor security role.
• Operator: basic
  Type: basic

  Description: A user in the Operator security role.

Back to Top

Response

Supported Media Types

• application/json

200 Response

Returns this cert revoc ca.

Body ()

Root Schema : Cert Revoc Ca

Type: object

Show Source

• checkingDisabled(optional): boolean
  Default Value: false

  For this CA, determines whether certificate revocation checking is disabled.

• crlDpBackgroundDownloadEnabled(optional): boolean

  For this CA, determines whether the CRL Distribution Point background downloading, to automatically update the local CRL cache, is enabled.

• crlDpDownloadTimeout(optional): integer(int64)
  Minimum Value: 1

  Maximum Value: 300

  For this CA, determines the overall timeout for the Distribution Point CRL download, expressed in seconds.

  The valid range is 1 thru 300 seconds.

• crlDpEnabled(optional): boolean

  For this CA, determines whether the CRL Distribution Point processing to update the local CRL cache is enabled.

• crlDpUrl(optional): string
  Default Value: oracle.doceng.json.BetterJsonNull@169a697c

  For this CA, determines the CRL Distribution Point URL to use as failover or override for the URL found in the CRLDistributionPoints extension in the certificate.

• crlDpUrlUsage(optional): string
  Default Value: FAILOVER

  Allowed Values: [ "FAILOVER", "OVERRIDE" ]

  For this CA, determines how getCrlDpUrl is used: as failover in case the URL in the certificate CRLDistributionPoints extension is invalid or not found, or as a value overriding the URL found in the certificate CRLDistributionPoints extension.

• distinguishedName(optional): string
  Default Value: oracle.doceng.json.BetterJsonNull@4fa8f600

  Determines the identity of this per-CA configuration using the distinguished name (defined in RFC 2253), which is used in certificates issued by the represented certificate authority.

  For example:

  "CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US"

  This will be used to match this configuration to issued certificates requiring revocation checking.

• dynamicallyCreated(optional): boolean
  Read Only: true

  Default Value: false

  Return whether the MBean was created dynamically or is persisted to config.xml

• failOnUnknownRevocStatus(optional): boolean

  For this CA, determines whether certificate path checking should fail, if revocation status could not be determined.

• id(optional): integer(int64)
  Read Only: true

  Return the unique id of this MBean instance

• methodOrder(optional): string
  Allowed Values: [ "OCSP", "CRL", "OCSP_THEN_CRL", "CRL_THEN_OCSP" ]

  For this CA, determines the certificate revocation checking method order.

  NOTE THAT omission of a specific method disables that method.

• name(optional): string
  Read Only: true

  The user-specified name of this MBean instance.

  This name is included as one of the key properties in the MBean's javax.management.ObjectName

  Name=user-specified-name

  Constraints

  • legal null
• notes(optional): string

  Optional information that you can include to describe this configuration.

  WebLogic Server saves this note in the domain's configuration file (config.xml) as XML PCDATA. All left angle brackets (<) are converted to the xml entity <. Carriage returns/line feeds are preserved.

  Note: If you create or edit a note from the Administration Console, the Administration Console does not preserve carriage returns/line feeds.

• ocspNonceEnabled(optional): boolean

  For this CA, determines whether a nonce is sent with OCSP requests, to force a fresh (not pre-signed) response.

• ocspResponderCertIssuerName(optional): string
  Default Value: oracle.doceng.json.BetterJsonNull@fa88fbc

  For this CA, determines the explicitly trusted OCSP responder certificate issuer name, when the attribute returned by getOcspResponderExplicitTrustMethod is "USE_ISSUER_SERIAL_NUMBER".

  The issuer name is formatted as a distinguished name per RFC 2253, for example "CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US".

  When getOcspResponderCertIssuerName returns a non-null value then the getOcspResponderCertSerialNumber must also be set.

• ocspResponderCertSerialNumber(optional): string
  Default Value: oracle.doceng.json.BetterJsonNull@51feeac6

  For this CA, determines the explicitly trusted OCSP responder certificate serial number, when the attribute returned by getOcspResponderExplicitTrustMethod is "USE_ISSUER_SERIAL_NUMBER".

  The serial number is formatted as a hexidecimal string, with optional colon or space separators, for example "2A:FF:00".

  When getOcspResponderCertSerialNumber returns a non-null value then the getOcspResponderCertIssuerName must also be set.

• ocspResponderCertSubjectName(optional): string
  Default Value: oracle.doceng.json.BetterJsonNull@558f8fed

  For this CA, determines the explicitly trusted OCSP responder certificate subject name, when the attribute returned by getOcspResponderExplicitTrustMethod is "USE_SUBJECT".

  The subject name is formatted as a distinguished name per RFC 2253, for example "CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US".

  In cases where the subject name alone is not sufficient to uniquely identify the certificate, then both the getOcspResponderCertIssuerName and getOcspResponderCertSerialNumber may be used instead.

• ocspResponderExplicitTrustMethod(optional): string
  Default Value: NONE

  Allowed Values: [ "NONE", "USE_SUBJECT", "USE_ISSUER_SERIAL_NUMBER" ]

  For this CA, determines whether the OCSP Explicit Trust model is enabled and how the trusted certificate is specified.

  The valid values:

  "NONE"

  Explicit Trust is disabled

  "USE_SUBJECT"

  Identify the trusted certificate using the subject DN specified in the attribute getOcspResponderCertSubjectName

  "USE_ISSUER_SERIAL_NUMBER"

  Identify the trusted certificate using the issuer DN and certificate serial number specified in the attributes getOcspResponderCertIssuerName and getOcspResponderCertSerialNumber, respectively.

• ocspResponderUrl(optional): string
  Default Value: oracle.doceng.json.BetterJsonNull@119075b0

  For this CA, determines the OCSP responder URL to use as failover or override for the URL found in the certificate AIA. The usage is determined by getOcspResponderUrlUsage

• ocspResponderUrlUsage(optional): string
  Default Value: FAILOVER

  Allowed Values: [ "FAILOVER", "OVERRIDE" ]

  For this CA, determines how getOcspResponderUrl is used: as failover in case the URL in the certificate AIA is invalid or not found, or as a value overriding the URL found in the certificate AIA.

• ocspResponseCacheEnabled(optional): boolean

  For this CA, determines whether the OCSP response local cache is enabled.

• ocspResponseTimeout(optional): integer(int64)
  Minimum Value: 1

  Maximum Value: 300

  For this CA, determines the timeout for the OCSP response, expressed in seconds.

  The valid range is 1 thru 300 seconds.

• ocspTimeTolerance(optional): integer(int32)
  Minimum Value: 0

  Maximum Value: 900

  For this CA, determines the time tolerance value for handling clock-skew differences between clients and responders, expressed in seconds.

  The validity period of the response is extended both into the future and into the past by the specified amount of time, effectively widening the validity interval.

  The value is >=0 and <=900. 15 the maximum allowed tolerance is minutes.< p>

• tags(optional): array Items
  Title: Items

  Return all tags on this Configuration MBean

• type(optional): string
  Read Only: true

  Returns the type of the MBean.

  Constraints

  • unharvestable

{
    "type":"object",
    "properties":{
        "checkingDisabled":{
            "default":false,
            "type":"boolean",
            "description":"<p>For this CA, determines whether certificate revocation checking is disabled.</p>"
        },
        "crlDpBackgroundDownloadEnabled":{
            "type":"boolean",
            "description":"<p>For this CA, determines whether the CRL Distribution Point background downloading, to automatically update the local CRL cache, is enabled.</p>"
        },
        "crlDpDownloadTimeout":{
            "minimum":1,
            "maximum":300,
            "type":"integer",
            "format":"int64",
            "description":"<p>For this CA, determines the overall timeout for the Distribution Point CRL download, expressed in seconds.</p><p> The valid range is 1 thru 300 seconds.</p>"
        },
        "crlDpEnabled":{
            "type":"boolean",
            "description":"<p>For this CA, determines whether the CRL Distribution Point processing to update the local CRL cache is enabled.</p>"
        },
        "crlDpUrl":{
            "default":null,
            "type":"string",
            "description":"<p>For this CA, determines the CRL Distribution Point URL to use as failover or override for the URL found in the CRLDistributionPoints extension in the certificate.</p>"
        },
        "crlDpUrlUsage":{
            "default":"FAILOVER",
            "enum":[
                "FAILOVER",
                "OVERRIDE"
            ],
            "type":"string",
            "description":"<p>For this CA, determines how <code>getCrlDpUrl</code> is used: as failover in case the URL in the certificate CRLDistributionPoints extension is invalid or not found, or as a value overriding the URL found in the certificate CRLDistributionPoints extension.</p>"
        },
        "distinguishedName":{
            "default":null,
            "type":"string",
            "description":"<p>Determines the identity of this per-CA configuration using the distinguished name (defined in RFC 2253), which is used in certificates issued by the represented certificate authority.</p><p>For example:</p><p><code>\"CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US\"</code></p><p>This will be used to match this configuration to issued certificates requiring revocation checking.</p>"
        },
        "dynamicallyCreated":{
            "readOnly":true,
            "default":false,
            "type":"boolean",
            "description":"<p>Return whether the MBean was created dynamically or is persisted to config.xml</p>"
        },
        "failOnUnknownRevocStatus":{
            "type":"boolean",
            "description":"<p>For this CA, determines whether certificate path checking should fail, if revocation status could not be determined.</p>"
        },
        "id":{
            "readOnly":true,
            "type":"integer",
            "format":"int64",
            "description":"<p>Return the unique id of this MBean instance</p>"
        },
        "methodOrder":{
            "enum":[
                "OCSP",
                "CRL",
                "OCSP_THEN_CRL",
                "CRL_THEN_OCSP"
            ],
            "type":"string",
            "description":"<p>For this CA, determines the certificate revocation checking method order.</p><p>NOTE THAT omission of a specific method disables that method.</p>"
        },
        "name":{
            "readOnly":true,
            "x-weblogic-legalNull":true,
            "type":"string",
            "description":"<p>The user-specified name of this MBean instance.</p><p>This name is included as one of the key properties in the MBean's <code>javax.management.ObjectName</code></p><p><code>Name=<i>user-specified-name</i></code></p><p><h5>Constraints</h5></p><ul><li>legal null</li></ul>"
        },
        "notes":{
            "type":"string",
            "description":"<p>Optional information that you can include to describe this configuration.</p><p>WebLogic Server saves this note in the domain's configuration file (<code>config.xml</code>) as XML PCDATA. All left angle brackets (<) are converted to the XML entity <code>&lt;</code>. Carriage returns/line feeds are preserved.</p><p>Note: If you create or edit a note from the Administration Console, the Administration Console does not preserve carriage returns/line feeds.</p>"
        },
        "ocspNonceEnabled":{
            "type":"boolean",
            "description":"<p>For this CA, determines whether a nonce is sent with OCSP requests, to force a fresh (not pre-signed) response.</p>"
        },
        "ocspResponderCertIssuerName":{
            "default":null,
            "type":"string",
            "description":"<p>For this CA, determines the explicitly trusted OCSP responder certificate issuer name, when the attribute returned by <code>getOcspResponderExplicitTrustMethod</code> is \"USE_ISSUER_SERIAL_NUMBER\".</p><p> The issuer name is formatted as a distinguished name per RFC 2253, for example \"CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US\".</p><p> When <code>getOcspResponderCertIssuerName</code> returns a non-null value then the <code>getOcspResponderCertSerialNumber</code> must also be set.</p>"
        },
        "ocspResponderCertSerialNumber":{
            "default":null,
            "type":"string",
            "description":"<p>For this CA, determines the explicitly trusted OCSP responder certificate serial number, when the attribute returned by <code>getOcspResponderExplicitTrustMethod</code> is \"USE_ISSUER_SERIAL_NUMBER\".</p><p> The serial number is formatted as a hexidecimal string, with optional colon or space separators, for example \"2A:FF:00\".</p><p> When <code>getOcspResponderCertSerialNumber</code> returns a non-null value then the <code>getOcspResponderCertIssuerName</code> must also be set.</p>"
        },
        "ocspResponderCertSubjectName":{
            "default":null,
            "type":"string",
            "description":"<p>For this CA, determines the explicitly trusted OCSP responder certificate subject name, when the attribute returned by <code>getOcspResponderExplicitTrustMethod</code> is \"USE_SUBJECT\".</p><p> The subject name is formatted as a distinguished name per RFC 2253, for example \"CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US\".</p><p> In cases where the subject name alone is not sufficient to uniquely identify the certificate, then both the <code>getOcspResponderCertIssuerName</code> and <code>getOcspResponderCertSerialNumber</code> may be used instead.</p>"
        },
        "ocspResponderExplicitTrustMethod":{
            "default":"NONE",
            "enum":[
                "NONE",
                "USE_SUBJECT",
                "USE_ISSUER_SERIAL_NUMBER"
            ],
            "type":"string",
            "description":"<p>For this CA, determines whether the OCSP Explicit Trust model is enabled and how the trusted certificate is specified.</p><p>The valid values:</p><dl><dt>\"NONE\"</dt><dd><p>Explicit Trust is disabled</p></dd><dt>\"USE_SUBJECT\"</dt><dd><p>Identify the trusted certificate using the subject DN specified in the attribute <code>getOcspResponderCertSubjectName</code></p></dd><dt>\"USE_ISSUER_SERIAL_NUMBER\"</dt><dd><p>Identify the trusted certificate using the issuer DN and certificate serial number specified in the attributes <code>getOcspResponderCertIssuerName</code> and <code>getOcspResponderCertSerialNumber</code>, respectively.</p></dd></dl>"
        },
        "ocspResponderUrl":{
            "default":null,
            "type":"string",
            "description":"<p>For this CA, determines the OCSP responder URL to use as failover or override for the URL found in the certificate AIA. The usage is determined by <code>getOcspResponderUrlUsage</code></p>"
        },
        "ocspResponderUrlUsage":{
            "default":"FAILOVER",
            "enum":[
                "FAILOVER",
                "OVERRIDE"
            ],
            "type":"string",
            "description":"<p>For this CA, determines how <code>getOcspResponderUrl</code> is used: as failover in case the URL in the certificate AIA is invalid or not found, or as a value overriding the URL found in the certificate AIA.</p>"
        },
        "ocspResponseCacheEnabled":{
            "type":"boolean",
            "description":"<p>For this CA, determines whether the OCSP response local cache is enabled.</p>"
        },
        "ocspResponseTimeout":{
            "minimum":1,
            "maximum":300,
            "type":"integer",
            "format":"int64",
            "description":"<p>For this CA, determines the timeout for the OCSP response, expressed in seconds.</p><p> The valid range is 1 thru 300 seconds.</p>"
        },
        "ocspTimeTolerance":{
            "minimum":0,
            "maximum":900,
            "type":"integer",
            "format":"int32",
            "description":"<p>For this CA, determines the time tolerance value for handling clock-skew differences between clients and responders, expressed in seconds.</p><p> The validity period of the response is extended both into the future and into the past by the specified amount of time, effectively widening the validity interval.</p><p> The value is >=0 and <=900. The maximum allowed tolerance is 15 minutes.</p>"
        },
        "tags":{
            "title":"Items",
            "type":"array",
            "items":{
                "type":"string",
                "description":""
            },
            "description":"<p>Return all tags on this Configuration MBean</p>"
        },
        "type":{
            "readOnly":true,
            "x-weblogic-unharvestable":true,
            "type":"string",
            "description":"<p>Returns the type of the MBean.</p><p><h5>Constraints</h5></p><ul><li>unharvestable</li></ul>"
        }
    },
    "description":""
}

Nested Schema : Items

Type: array

Title: Items

Return all tags on this Configuration MBean

Show Source

• Array of: string

{
    "title":"Items",
    "type":"array",
    "items":{
        "type":"string",
        "description":""
    },
    "description":"<p>Return all tags on this Configuration MBean</p>"
}

Back to Top