This MBean represents the configuration of certificate
revocation checking for a specific certificate authority. Default
values for attributes in this MBean are derived from
CertRevocMBean
.
Fully Qualified Interface Name | If you use the getMBeanInfo operation in MBeanTypeServiceMBean, supply the following value as this MBean's fully qualified interface name:
weblogic.management.configuration.CertRevocCaMBean
For more information, see: |
Factory Methods |
This section describes the following attributes:
Private property that disables caching in proxies.
This attribute is not dynamic and requires a server restart to take effect.
Privileges | Read only |
Type | boolean |
Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
For this CA, determines whether certificate revocation checking is disabled.
Privileges | Read/Write |
Type | boolean |
For this CA, determines whether the CRL Distribution Point background downloading, to automatically update the local CRL cache, is enabled.
Privileges | Read/Write |
Type | boolean |
For this CA, determines the overall timeout for the Distribution Point CRL download, expressed in seconds.
The valid range is 1 thru 300 seconds.
Privileges | Read/Write |
Type | long |
Minimum value | 1 |
Maximum value | 300 |
For this CA, determines whether the CRL Distribution Point processing to update the local CRL cache is enabled.
Privileges | Read/Write |
Type | boolean |
For this CA, determines the CRL Distribution Point URL to use as failover or override for the URL found in the CRLDistributionPoints extension in the certificate.
For more information, see:
Privileges | Read/Write |
Type | java.lang.String |
For this CA, determines how getCrlDpUrl
is used: as
failover in case the URL in the certificate CRLDistributionPoints
extension is invalid or not found, or as a value overriding the URL
found in the certificate CRLDistributionPoints extension.
For more information, see:
Privileges | Read/Write |
Type | java.lang.String |
Default Value | FAILOVER |
Legal Values |
|
Determines the identity of this per-CA configuration using the distinguished name (defined in RFC 2253), which is used in certificates issued by the represented certificate authority.
For example:
"CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization,
L=MyTown, ST=MyState, C=US"
This will be used to match this configuration to issued certificates requiring revocation checking.
Privileges | Read/Write |
Type | java.lang.String |
Return whether the MBean was created dynamically or is persisted to config.xml
This attribute is not dynamic and requires a server restart to take effect.
Privileges | Read only |
Type | boolean |
Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
For this CA, determines whether certificate path checking should fail, if revocation status could not be determined.
Privileges | Read/Write |
Type | boolean |
Return the unique id of this MBean instance
This attribute is not dynamic and requires a server restart to take effect.
Privileges | Read only |
Type | long |
Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
Returns the MBean info for this MBean.
This attribute is not dynamic and requires a server restart to take effect.
Deprecated.
Privileges | Read only |
Type | javax.management.MBeanInfo |
Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
For this CA, determines the certificate revocation checking method order.
NOTE THAT omission of a specific method disables that method.
Privileges | Read/Write |
Type | java.lang.String |
Legal Values |
|
The user-specified name of this MBean instance.
This name is included as one of the key properties in the
MBean's javax.management.ObjectName
:
Name=user-specified-name
This attribute is not dynamic and requires a server restart to take effect.
Privileges | Read/Write |
Type | java.lang.String |
Optional information that you can include to describe this configuration.
WebLogic Server saves this note in the domain's configuration
file (config.xml
) as XML PCDATA. All left angle
brackets (<) are converted to the XML entity
<
. Carriage returns/line feeds are
preserved.
Note: If you create or edit a note from the Administration Console, the Administration Console does not preserve carriage returns/line feeds.
This attribute is not dynamic and requires a server restart to take effect.
Privileges | Read/Write |
Security roles | Write access is granted only to the following roles:
|
Type | java.lang.String |
Returns the ObjectName under which this MBean is registered in the MBean server.
This attribute is not dynamic and requires a server restart to take effect.
Deprecated.
Privileges | Read only |
Type | weblogic.management.WebLogicObjectName |
Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
For this CA, determines whether a nonce is sent with OCSP requests, to force a fresh (not pre-signed) response.
Privileges | Read/Write |
Type | boolean |
For this CA, determines the explicitly trusted OCSP responder
certificate issuer name, when the attribute returned by
getOcspResponderExplicitTrustMethod
is
"USE_ISSUER_SERIAL_NUMBER".
The issuer name is formatted as a distinguished name per RFC 2253, for example "CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US".
When OcspResponderCertIssuerName
returns a non-null value then the OcspResponderCertSerialNumber
must also be set.
For more information, see:
Privileges | Read/Write |
Type | java.lang.String |
For this CA, determines the explicitly trusted OCSP responder
certificate serial number, when the attribute returned by
getOcspResponderExplicitTrustMethod
is
"USE_ISSUER_SERIAL_NUMBER".
The serial number is formatted as a hexidecimal string, with optional colon or space separators, for example "2A:FF:00".
When OcspResponderCertSerialNumber
returns a non-null value then the OcspResponderCertIssuerName
must also be set.
For more information, see:
Privileges | Read/Write |
Type | java.lang.String |
For this CA, determines the explicitly trusted OCSP responder
certificate subject name, when the attribute returned by
getOcspResponderExplicitTrustMethod
is
"USE_SUBJECT".
The subject name is formatted as a distinguished name per RFC 2253, for example "CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US".
In cases where the subject name alone is not sufficient to
uniquely identify the certificate, then both the OcspResponderCertIssuerName
and OcspResponderCertSerialNumber
may be used instead.
For more information, see:
Privileges | Read/Write |
Type | java.lang.String |
For this CA, determines whether the OCSP Explicit Trust model is enabled and how the trusted certificate is specified.
The valid values:
Explicit Trust is disabled
Identify the trusted certificate using the subject DN specified
in the attribute OcspResponderCertSubjectName
.
Identify the trusted certificate using the issuer DN and
certificate serial number specified in the attributes OcspResponderCertIssuerName
and OcspResponderCertSerialNumber
, respectively.
Privileges | Read/Write |
Type | java.lang.String |
Default Value | NONE |
Legal Values |
|
For this CA, determines the OCSP responder URL to use as
failover or override for the URL found in the certificate AIA. The
usage is determined by getOcspResponderUrlUsage
.
For more information, see:
Privileges | Read/Write |
Type | java.lang.String |
For this CA, determines how getOcspResponderUrl
is
used: as failover in case the URL in the certificate AIA is invalid
or not found, or as a value overriding the URL found in the
certificate AIA.
For more information, see:
Privileges | Read/Write |
Type | java.lang.String |
Default Value | FAILOVER |
Legal Values |
|
For this CA, determines whether the OCSP response local cache is enabled.
Privileges | Read/Write |
Type | boolean |
For this CA, determines the timeout for the OCSP response, expressed in seconds.
The valid range is 1 thru 300 seconds.
Privileges | Read/Write |
Type | long |
Minimum value | 1 |
Maximum value | 300 |
For this CA, determines the time tolerance value for handling clock-skew differences between clients and responders, expressed in seconds.
The validity period of the response is extended both into the future and into the past by the specified amount of time, effectively widening the validity interval.
The value is >=0 and <=900. The maximum allowed tolerance is 15 minutes.
Privileges | Read/Write |
Type | int |
Minimum value | 0 |
Maximum value | 900 |
Return the immediate parent for this MBean
This attribute is not dynamic and requires a server restart to take effect.
Privileges | Read/Write |
Type |
Returns false if the MBean represented by this object has been unregistered.
This attribute is not dynamic and requires a server restart to take effect.
Deprecated.
Privileges | Read only |
Type | boolean |
Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
Return all tags on this Configuration MBean
This attribute is dynamic and takes effect immediately.
Available Since | Release 12.2.1.0.0 |
Privileges | Read/Write |
Type | class java.lang.String[] |
Returns the type of the MBean.
This attribute is not dynamic and requires a server restart to take effect.
Privileges | Read only |
Type | java.lang.String |
Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
This section describes the following operations:
Add a tag to this Configuration MBean. Adds a tag to the current set of tags on the Configuration MBean. Tags may contain white spaces.
Operation Name | "addTag" |
Parameters | Object [] { tag }
where:
|
Signature | String [] {
"java.lang.String" } |
Returns |
boolean
|
Exceptions |
|
If the specified attribute has not been set explicitly, and if the attribute has a default value, this operation forces the MBean to persist the default value.
Unless you use this operation, the default value is not saved and is subject to change if you update to a newer release of WebLogic Server. Invoking this operation isolates this MBean from the effects of such changes.
Note: To insure that you are freezing the default value, invoke
the restoreDefaultValue
operation before you invoke
this.
This operation has no effect if you invoke it on an attribute that does not provide a default value or on an attribute for which some other value has been set.
Deprecated.
Operation Name | "freezeCurrentValue" |
Parameters | Object [] { attributeName }
where:
|
Signature | String [] {
"java.lang.String" } |
Returns |
void
|
Exceptions |
|
Return all properties' names whose value is inherited from template mbean. this is a convenient method to get inheritance info on multiple properties in one jmx call.
Operation Name | "getInheritedProperties" |
Parameters | Object [] { propertyNames }
where:
|
Signature | String [] {
"[Ljava.lang.String;" } |
Returns |
class |
Check if the value of a property is inherited from template mbean or not.
Operation Name | "isInherited" |
Parameters | Object [] { propertyName }
where:
|
Signature | String [] {
"java.lang.String" } |
Returns |
boolean
|
Returns true if the specified attribute has been set explicitly in this MBean instance.
Operation Name | "isSet" |
Parameters | Object [] { propertyName }
where:
|
Signature | String [] {
"java.lang.String" } |
Returns |
boolean
|
Remove a tag from this Configuration MBean
Operation Name | "removeTag" |
Parameters | Object [] { tag }
where:
|
Signature | String [] {
"java.lang.String" } |
Returns |
boolean
|
Exceptions |
|
If the specified attribute has a default value, this operation removes any value that has been set explicitly and causes the attribute to use the default value.
Default values are subject to change if you update to a newer
release of WebLogic Server. To prevent the value from changing if
you update to a newer release, invoke the
freezeCurrentValue
operation.
This operation has no effect if you invoke it on an attribute that does not provide a default value or on an attribute that is already using the default.
Deprecated.
Operation Name | "restoreDefaultValue" |
Parameters | Object [] { attributeName }
where:
|
Signature | String [] {
"java.lang.String" } |
Returns |
void
|
Exceptions |
|
Restore the given property to its default value.
Operation Name | "unSet" |
Parameters | Object [] { propertyName }
where:
|
Signature | String [] {
"java.lang.String" } |
Returns |
void
|