Module io.helidon.common.tls
Package io.helidon.common.tls

Class RevocationConfig.BuilderBase.RevocationConfigImpl

java.lang.Object
io.helidon.common.tls.RevocationConfig.BuilderBase.RevocationConfigImpl
All Implemented Interfaces:
Prototype.Api, RevocationConfig
Enclosing class:
RevocationConfig.BuilderBase<BUILDER extends RevocationConfig.BuilderBase<BUILDER,PROTOTYPE>,PROTOTYPE extends RevocationConfig>
protected static class RevocationConfig.BuilderBase.RevocationConfigImpl extends Object implements RevocationConfig
Generated implementation of the prototype, can be extended by descendant prototype implementations.

  • Constructor Details

    • RevocationConfigImpl

      protected RevocationConfigImpl(RevocationConfig.BuilderBase<?,?> builder)
      Create an instance providing a builder.
      Parameters:
      builder - extending builder base of this prototype

  • Method Details

    • enabled

      public boolean enabled()
      Description copied from interface: RevocationConfig
      Flag indicating whether this revocation config is enabled.
      Specified by:
      enabled in interface RevocationConfig
      Returns:
      enabled flag

    • preferCrlOverOcsp

      public boolean preferCrlOverOcsp()
      Description copied from interface: RevocationConfig
      Prefer CRL over OCSP. Default value is false. OCSP is preferred over the CRL by default.
      Specified by:
      preferCrlOverOcsp in interface RevocationConfig
      Returns:
      whether to prefer CRL over OCSP

    • checkOnlyEndEntity

      public boolean checkOnlyEndEntity()
      Description copied from interface: RevocationConfig
      Only check the revocation status of end-entity certificates. Default value is false.
      Specified by:
      checkOnlyEndEntity in interface RevocationConfig
      Returns:
      whether to check only end-entity certificates

    • fallbackEnabled

      public boolean fallbackEnabled()
      Description copied from interface: RevocationConfig
      Enable fallback to the less preferred checking option.
      If the primary method for revocation checking fails to verify the revocation status of a certificate (such as using a CRL or OCSP), the checker will attempt alternative methods. This option ensures whether revocation checking is performed strictly according to the specified method, or should fallback to the one less preferred. OCSP is preferred over the CRL by default.
      Specified by:
      fallbackEnabled in interface RevocationConfig
      Returns:
      whether to allow fallback to the less preferred checking option

    • softFailEnabled

      public boolean softFailEnabled()
      Description copied from interface: RevocationConfig
      Allow revocation check to succeed if the revocation status cannot be determined for one of the following reasons:
      • The CRL or OCSP response cannot be obtained because of a network error.
      • The OCSP responder returns one of the following errors specified in section 2.3 of RFC 2560: internalError or tryLater.
      Specified by:
      softFailEnabled in interface RevocationConfig
      Returns:
      whether soft fail is enabled

    • ocspResponderUri

      public Optional<URI> ocspResponderUri()
      Description copied from interface: RevocationConfig
      The URI that identifies the location of the OCSP responder. This overrides the ocsp.responderURL security property and any responder specified in a certificate's Authority Information Access Extension, as defined in RFC 5280.
      Specified by:
      ocspResponderUri in interface RevocationConfig
      Returns:
      OCSP responder URI

    • toString

      public String toString()
      Overrides:
      toString in class Object

    • equals

      public boolean equals(Object o)
      Overrides:
      equals in class Object

    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Object