java.lang.Object
- org.apache.synapse.transport.certificatevalidation.ocsp.OCSPVerifier

All Implemented Interfaces:

RevocationVerifier
```
public class OCSPVerifier
extends Object
implements RevocationVerifier
```
Used to check if a Certificate is revoked or not by its CA using Online Certificate Status Protocol (OCSP).

Field Summary

Fields
Modifier and Type	Field	Description
`static String`	`ACCEPT_TYPE`
`static String`	`CONTENT_TYPE`
`static String`	`JSON_TYPE`
`static String`	`OCSP_REQUEST_TYPE`
`static String`	`OCSP_RESPONSE_TYPE`

Constructor Summary

Constructors
Constructor Description

OCSPVerifier(OCSPCache cache)

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`RevocationStatus`	`checkRevocationStatus(X509Certificate peerCert, X509Certificate issuerCert)`	Gets the revocation status (Good, Revoked or Unknown) of the given peer certificate.
`protected org.bouncycastle.cert.ocsp.OCSPResp`	`getOCSPResponse(String serviceUrl, org.bouncycastle.cert.ocsp.OCSPReq request)`	Gets an ASN.1 encoded OCSP response (as defined in RFC 2560) from the given service URL.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - CONTENT_TYPE
```
public static final String CONTENT_TYPE
```
    See Also:
    
    Constant Field Values
  - JSON_TYPE
```
public static final String JSON_TYPE
```
    See Also:
    
    Constant Field Values
  - ACCEPT_TYPE
```
public static final String ACCEPT_TYPE
```
    See Also:
    
    Constant Field Values
  - OCSP_REQUEST_TYPE
```
public static final String OCSP_REQUEST_TYPE
```
    See Also:
    
    Constant Field Values
  - OCSP_RESPONSE_TYPE
```
public static final String OCSP_RESPONSE_TYPE
```
    See Also:
    
    Constant Field Values
- Constructor Detail
  - OCSPVerifier
```
public OCSPVerifier(OCSPCache cache)
```
- Method Detail
  - checkRevocationStatus
```
public RevocationStatus checkRevocationStatus(X509Certificate peerCert,
                                              X509Certificate issuerCert)
                                       throws CertificateVerificationException
```
    Gets the revocation status (Good, Revoked or Unknown) of the given peer certificate.
    
    Specified by:
    
    checkRevocationStatus in interface RevocationVerifier
    
    Parameters:
    
    peerCert - The certificate we want to check if revoked.
    
    issuerCert - Needed to create OCSP request.
    
    Returns:
    
    revocation status of the peer certificate.
    
    Throws:
    
    CertificateVerificationException
  - getOCSPResponse
```
protected org.bouncycastle.cert.ocsp.OCSPResp getOCSPResponse(String serviceUrl,
                                                              org.bouncycastle.cert.ocsp.OCSPReq request)
                                                       throws CertificateVerificationException
```
    Gets an ASN.1 encoded OCSP response (as defined in RFC 2560) from the given service URL. Currently supports only HTTP.
    
    Parameters:
    
    serviceUrl - URL of the OCSP endpoint.
    
    request - an OCSP request object.
    
    Returns:
    
    OCSP response encoded in ASN.1 structure.
    
    Throws:
    
    CertificateVerificationException

Class OCSPVerifier

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

CONTENT_TYPE

JSON_TYPE

ACCEPT_TYPE

OCSP_REQUEST_TYPE

OCSP_RESPONSE_TYPE

Constructor Detail

OCSPVerifier

Method Detail

checkRevocationStatus

getOCSPResponse