java.lang.Object
- org.keycloak.authentication.authenticators.x509.OCSPUtils

```
public final class OCSPUtils
extends Object
```
Since:

10/29/2016

Version:

$Revision: 1 $

Author:

Peter Nalyvayko

Nested Class Summary

Nested Classes
Modifier and Type Class Description

static interface OCSPUtils.OCSPRevocationStatus

static class OCSPUtils.RevocationStatus

Constructor Summary

Constructors
Constructor Description

OCSPUtils()

Method Summary

All Methods Static Methods Concrete Methods
Modifier and Type	Method	Description
`static OCSPUtils.OCSPRevocationStatus`	`check(KeycloakSession session, X509Certificate cert, X509Certificate issuerCertificate)`	Requests certificate revocation status using OCSP.
`static OCSPUtils.OCSPRevocationStatus`	`check(KeycloakSession session, X509Certificate cert, X509Certificate issuerCertificate, URI responderURI, X509Certificate responderCert, Date date)`	Requests certificate revocation status using OCSP.
`static OCSPUtils.OCSPRevocationStatus`	`check(KeycloakSession session, X509Certificate cert, X509Certificate issuerCertificate, Date date, X509Certificate responderCert)`	Requests certificate revocation status using OCSP.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail
- OCSPUtils
```
public OCSPUtils()
```

Method Detail

check

public static OCSPUtils.OCSPRevocationStatus check(KeycloakSession session,
                                                   X509Certificate cert,
                                                   X509Certificate issuerCertificate,
                                                   URI responderURI,
                                                   X509Certificate responderCert,
                                                   Date date)
                                            throws CertPathValidatorException

Requests certificate revocation status using OCSP.

Parameters:: cert - the certificate to be checked; issuerCertificate - The issuer certificate; responderURI - an address of OCSP responder. Overrides any OCSP responder URIs stored in certificate's AIA extension; date -; responderCert - a certificate that OCSP responder uses to sign OCSP responses
Returns:: revocation status
Throws:: CertPathValidatorException

check

public static OCSPUtils.OCSPRevocationStatus check(KeycloakSession session,
                                                   X509Certificate cert,
                                                   X509Certificate issuerCertificate,
                                                   Date date,
                                                   X509Certificate responderCert)
                                            throws CertPathValidatorException

Requests certificate revocation status using OCSP. The OCSP responder URI is obtained from the certificate's AIA extension.

Parameters:: cert - the certificate to be checked; issuerCertificate - The issuer certificate; date -
Returns:: revocation status
Throws:: CertPathValidatorException

check

public static OCSPUtils.OCSPRevocationStatus check(KeycloakSession session,
                                                   X509Certificate cert,
                                                   X509Certificate issuerCertificate)
                                            throws CertPathValidatorException

Requests certificate revocation status using OCSP. The OCSP responder URI is obtained from the certificate's AIA extension.

Parameters:: cert - the certificate to be checked; issuerCertificate - The issuer certificate
Returns:: revocation status
Throws:: CertPathValidatorException

Modifier and Type	Class	Description
`static interface`	`OCSPUtils.OCSPRevocationStatus`
`static class`	`OCSPUtils.RevocationStatus`

Class OCSPUtils

Nested Class Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

OCSPUtils

Method Detail

check

check

check