Package com.itextpdf.signatures

Interface IOcspClient

All Known Implementing Classes:

OcspClientBouncyCastle

       public interface IOcspClient
      

Interface for the Online Certificate Status Protocol (OCSP) Client.

Method Summary

Modifier and Type	Method	Description
byte[]	getEncoded(X509Certificate checkCert, X509Certificate issuerCert, String url)	Fetch a DER-encoded BasicOCSPResponse from an OCSP responder.

Method Details

getEncoded

             byte[] getEncoded
             (X509Certificate checkCert, X509Certificate issuerCert, String url)
            

Fetch a DER-encoded BasicOCSPResponse from an OCSP responder. The method should not throw an exception.

Note: do not pass in the full DER-encoded OCSPResponse object obtained from the responder, only the DER-encoded BasicOCSPResponse value contained in the response data.

Parameters:

checkCert - Certificate to check.

issuerCert - The parent certificate.

url - The URL of the OCSP responder endpoint. If null, implementations can attempt to obtain a URL from the AuthorityInformationAccess extension of the certificate, or from another implementation-specific source.

Returns:

a byte array containing a DER-encoded BasicOCSPResponse structure or null if one could not be obtained

See Also:

• RFC 6960 § 4.2.1