CRLUtils (Keycloak Docs Distribution 21.0.2 API)

java.lang.Object
- org.keycloak.utils.CRLUtils

```
public final class CRLUtils
extends Object
```
Since:

10/31/2016

Version:

$Revision: 1 $

Author:

Peter Nalyvayko

Constructor Summary

Constructors
Constructor Description

CRLUtils()

Method Summary

All Methods Static Methods Concrete Methods
Modifier and Type	Method	Description
`static void`	`check(X509Certificate[] certs, X509CRL crl, KeycloakSession session)`	Check the signature on CRL and check if 1st certificate from the chain ((The actual certificate from the client)) is valid and not available on CRL.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - CRLUtils
```
public CRLUtils()
```
- Method Detail
  - check
```
public static void check(X509Certificate[] certs,
                         X509CRL crl,
                         KeycloakSession session)
                  throws GeneralSecurityException
```
    Check the signature on CRL and check if 1st certificate from the chain ((The actual certificate from the client)) is valid and not available on CRL.
    
    Parameters:
    
    certs - The 1st certificate is the actual certificate of the user. The other certificates represents the certificate chain
    
    crl - Given CRL
    
    Throws:
    
    GeneralSecurityException - if some error in validation happens. Typically certificate not valid, or CRL signature not valid