Package org.keycloak.utils
Class CRLUtils
java.lang.Object
org.keycloak.utils.CRLUtils
- Since:
- 10/31/2016
- Version:
- $Revision: 1 $
- Author:
- Peter Nalyvayko
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionstatic void
check
(X509Certificate[] certs, X509CRL crl, KeycloakSession session) Check the signature on CRL and check if 1st certificate from the chain ((The actual certificate from the client)) is valid and not available on CRL.
-
Constructor Details
-
CRLUtils
public CRLUtils()
-
-
Method Details
-
check
public static void check(X509Certificate[] certs, X509CRL crl, KeycloakSession session) throws GeneralSecurityException Check the signature on CRL and check if 1st certificate from the chain ((The actual certificate from the client)) is valid and not available on CRL.- Parameters:
certs
- The 1st certificate is the actual certificate of the user. The other certificates represents the certificate chaincrl
- Given CRL- Throws:
GeneralSecurityException
- if some error in validation happens. Typically certificate not valid, or CRL signature not valid
-