Class CRLUtils

java.lang.Object
org.keycloak.utils.CRLUtils

public final class CRLUtils extends Object
Since:
10/31/2016
Version:
$Revision: 1 $
Author:
Peter Nalyvayko
  • Constructor Details

    • CRLUtils

      public CRLUtils()
  • Method Details

    • check

      public static void check(X509Certificate[] certs, X509CRL crl, KeycloakSession session) throws GeneralSecurityException
      Check the signature on CRL and check if 1st certificate from the chain ((The actual certificate from the client)) is valid and not available on CRL.
      Parameters:
      certs - The 1st certificate is the actual certificate of the user. The other certificates represents the certificate chain
      crl - Given CRL
      Throws:
      GeneralSecurityException - if some error in validation happens. Typically certificate not valid, or CRL signature not valid