iText 9.0.0 API
iText.Signatures.IOcspClient Interface Reference

Interface for the Online Certificate Status Protocol (OCSP) Client. More...

Inheritance diagram for iText.Signatures.IOcspClient:
iText.Signatures.OcspClientBouncyCastle iText.Signatures.Validation.ValidationOcspClient

Public Member Functions

byte[]  GetEncoded (IX509Certificate checkCert, IX509Certificate issuerCert, String url)
  Fetch a DER-encoded BasicOCSPResponse from an OCSP responder. More...
 

Detailed Description

Interface for the Online Certificate Status Protocol (OCSP) Client.

Member Function Documentation

◆ GetEncoded()

byte [] iText.Signatures.IOcspClient.GetEncoded ( IX509Certificate  checkCert,
IX509Certificate  issuerCert,
String  url 
)

Fetch a DER-encoded BasicOCSPResponse from an OCSP responder.

Fetch a DER-encoded BasicOCSPResponse from an OCSP responder. The method should not throw an exception.

Note: do not pass in the full DER-encoded OCSPResponse object obtained from the responder, only the DER-encoded BasicOCSPResponse value contained in the response data.

Parameters
checkCert Certificate to check.
issuerCert The parent certificate.
url The URL of the OCSP responder endpoint. If null, implementations can attempt to obtain a URL from the AuthorityInformationAccess extension of the certificate, or from another implementation-specific source.
Returns
a byte array containing a DER-encoded BasicOCSPResponse structure or null if one could not be obtained

RFC 6960 § 4.2.1

Implemented in iText.Signatures.OcspClientBouncyCastle, and iText.Signatures.Validation.ValidationOcspClient.