PKI Policy defines the trusted Certificate Authority certificates (trust anchors) and CRL/OCSP endpoints used when validating certificates or certificate chains and attributes generated from subject and issuer certificates.
On this page described:
Table of Contents | ||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
PKI Policy XML configuration file
...
The <CRL /> and <OCSP /> elements
Code Block | ||
---|---|---|
| ||
<xs:element name="CRL" type="CRLType" /> <xs:element name="OCSP" type="OCSPType" /> <xs:complexType name="CRLType"> <xs:complexContent> <xs:extension base="PropertiesType"> <xs:attribute name="uri" type="xs:anyURI" use="required" /> </xs:extension> </xs:complexContent> </xs:complexType> <xs:complexType name="OCSPType"> <xs:complexContent> <xs:extension base="PropertiesType"> <xs:attribute name="uri" type="xs:anyURI" use="required" /> </xs:extension> </xs:complexContent> </xs:complexType> <xs:complexType name="PropertiesType" abstract="true"> <xs:sequence minOccurs="0" maxOccurs="unbounded"> <xs:element name="Property" type="PropertyType" /> </xs:sequence> <xs:attribute name="id" type="xs:ID" use="optional" /> </xs:complexType> <xs:complexType name="PropertyType"> <xs:simpleContent> <xs:extension base="xs:string"> <xs:attribute name="name" type="xs:string" use="required" /> </xs:extension> </xs:simpleContent> </xs:complexType> |
...