Class RevocationVerificationManager


  • public class RevocationVerificationManager
    extends Object
    Manager class responsible for verifying certificates. This class will use the available verifiers according to a predefined policy.
    • Constructor Detail

      • RevocationVerificationManager

        public RevocationVerificationManager​(Integer cacheAllocatedSize,
                                             Integer cacheDelayMins)
    • Method Detail

      • verifyRevocationStatus

        public void verifyRevocationStatus​(X509Certificate[] peerCertificates)
                                    throws CertificateVerificationException
        This method first tries to verify the given certificate chain using OCSP since OCSP verification is faster. If that fails it tries to do the verification using CRL.
        Parameters:
        peerCertificates - javax.security.cert.X509Certificate[] array of peer certificate chain from peer/client.
        Throws:
        CertificateVerificationException