Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

PKI Policy defines the trusted Certificate Authority certificates (trust anchors) and CRL/OCSP endpoints used when validating certificates or certificate chains and attributes generated from subject and issuer certificates.

On this page described:

Table of Contents
maxLevel6
minLevel1
include
outlinefalse
indent
exclude
stylenone
typelist
printabletrue
class

PKI Policy XML configuration file

...

The <CRL /> and <OCSP /> elements

Code Block
languagexml
<xs:element name="CRL" type="CRLType" />
<xs:element name="OCSP" type="OCSPType" />
<xs:complexType name="CRLType">
  <xs:complexContent>
    <xs:extension base="PropertiesType">
      <xs:attribute name="uri" type="xs:anyURI" use="required" />
    </xs:extension>
  </xs:complexContent>
</xs:complexType>
<xs:complexType name="OCSPType">
  <xs:complexContent>
    <xs:extension base="PropertiesType">
      <xs:attribute name="uri" type="xs:anyURI" use="required" />
    </xs:extension>
  </xs:complexContent>
</xs:complexType>
<xs:complexType name="PropertiesType" abstract="true">
  <xs:sequence minOccurs="0" maxOccurs="unbounded">
    <xs:element name="Property" type="PropertyType" />
  </xs:sequence>
  <xs:attribute name="id" type="xs:ID" use="optional" />
</xs:complexType>
<xs:complexType name="PropertyType">
  <xs:simpleContent>
    <xs:extension base="xs:string">
      <xs:attribute name="name" type="xs:string" use="required" />
    </xs:extension>
  </xs:simpleContent>
</xs:complexType>

...