OcspConfiguration
Contains information to enable and configure Online Certificate Status Protocol (OCSP) for validating certificate revocation status.
When you revoke a certificate, OCSP responses may take up to 60 minutes to reflect the new status.
Contents
- Enabled
-
Flag enabling use of the Online Certificate Status Protocol (OCSP) for validating certificate revocation status.
Type: Boolean
Required: Yes
- OcspCustomCname
-
By default, ACM Private CA injects an AWS domain into certificates being validated by the Online Certificate Status Protocol (OCSP). A customer can alternatively use this object to define a CNAME specifying a customized OCSP domain.
Note: The value of the CNAME must not include a protocol prefix such as "http://" or "https://".
For more information, see Customizing Online Certificate Status Protocol (OCSP) in the AWS Certificate Manager Private Certificate Authority (PCA) User Guide.
Type: String
Length Constraints: Minimum length of 0. Maximum length of 253.
Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: