Class: Aws::ACMPCA::Types::OcspConfiguration

Inherits:

Struct

Object
Struct
Aws::ACMPCA::Types::OcspConfiguration

Includes:: Structure

Defined in:: lib/aws-sdk-acmpca/types.rb

Overview

Contains information to enable and configure Online Certificate Status Protocol (OCSP) for validating certificate revocation status.

When you revoke a certificate, OCSP responses may take up to 60 minutes to reflect the new status.

Constant Summary collapse

SENSITIVE =

[]

Instance Attribute Summary collapse

#enabled ⇒ Boolean

Flag enabling use of the Online Certificate Status Protocol (OCSP) for validating certificate revocation status.
#ocsp_custom_cname ⇒ String

By default, Amazon Web Services Private CA injects an Amazon Web Services domain into certificates being validated by the Online Certificate Status Protocol (OCSP).

Instance Attribute Details

#enabled ⇒ `Boolean`

Flag enabling use of the Online Certificate Status Protocol (OCSP) for validating certificate revocation status.

Returns:

(Boolean)

# File 'lib/aws-sdk-acmpca/types.rb', line 2057

class OcspConfiguration < Struct.new(
  :enabled,
  :ocsp_custom_cname)
  SENSITIVE = []
  include Aws::Structure
end

#ocsp_custom_cname ⇒ `String`

By default, Amazon Web Services Private CA injects an Amazon Web Services domain into certificates being validated by the Online Certificate Status Protocol (OCSP). A customer can alternatively use this object to define a CNAME specifying a customized OCSP domain.

<note markdown=“1”> The content of a Canonical Name (CNAME) record must conform to

RFC2396][1: restrictions on the use of special characters in URIs.

Additionally, the value of the CNAME must not include a protocol prefix such as “http://” or “https://”.

</note>

For more information, see [Customizing Online Certificate Status Protocol (OCSP) ][2] in the *Amazon Web Services Private Certificate Authority User Guide*.

[1]: www.ietf.org/rfc/rfc2396.txt [2]: docs.aws.amazon.com/privateca/latest/userguide/ocsp-customize.html