Class: Aws::ACMPCA::Types::OcspConfiguration

Inherits:

Struct

Object
Struct
Aws::ACMPCA::Types::OcspConfiguration

show all

Defined in:: gems/aws-sdk-acmpca/lib/aws-sdk-acmpca/types.rb

Overview

Contains information to enable and configure Online Certificate Status Protocol (OCSP) for validating certificate revocation status.

When you revoke a certificate, OCSP responses may take up to 60 minutes to reflect the new status.

Constant Summary collapse

SENSITIVE =

[]

Instance Attribute Summary collapse

#enabled ⇒ Boolean
Flag enabling use of the Online Certificate Status Protocol (OCSP) for validating certificate revocation status.
#ocsp_custom_cname ⇒ String
By default, Amazon Web Services Private CA injects an Amazon Web Services domain into certificates being validated by the Online Certificate Status Protocol (OCSP).

Instance Attribute Details

#enabled ⇒ `Boolean`

Flag enabling use of the Online Certificate Status Protocol (OCSP) for validating certificate revocation status.

Returns:

(Boolean)

# File 'gems/aws-sdk-acmpca/lib/aws-sdk-acmpca/types.rb', line 2013

class OcspConfiguration < Struct.new(
  :enabled,
  :ocsp_custom_cname)
  SENSITIVE = []
  include Aws::Structure
end

#ocsp_custom_cname ⇒ `String`

By default, Amazon Web Services Private CA injects an Amazon Web Services domain into certificates being validated by the Online Certificate Status Protocol (OCSP). A customer can alternatively use this object to define a CNAME specifying a customized OCSP domain.

The content of a Canonical Name (CNAME) record must conform to RFC2396 restrictions on the use of special characters in URIs. Additionally, the value of the CNAME must not include a protocol prefix such as "http://" or "https://".

For more information, see Customizing Online Certificate Status Protocol (OCSP) in the Amazon Web Services Private Certificate Authority User Guide.