Copyright | (c) 2013-2023 Brendan Hay |
---|---|
License | Mozilla Public License, v. 2.0. |
Maintainer | Brendan Hay |
Stability | auto-generated |
Portability | non-portable (GHC extensions) |
Safe Haskell | Safe-Inferred |
Language | Haskell2010 |
Documentation
data OcspConfiguration Source #
Contains information to enable and configure Online Certificate Status Protocol (OCSP) for validating certificate revocation status.
When you revoke a certificate, OCSP responses may take up to 60 minutes to reflect the new status.
See: newOcspConfiguration
smart constructor.
OcspConfiguration' | |
|
Instances
Create a value of OcspConfiguration
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:ocspCustomCname:OcspConfiguration'
, ocspConfiguration_ocspCustomCname
- By default, Amazon Web Services Private CA injects an Amazon Web
Services domain into certificates being validated by the Online
Certificate Status Protocol (OCSP). A customer can alternatively use
this object to define a CNAME specifying a customized OCSP domain.
The content of a Canonical Name (CNAME) record must conform to RFC2396 restrictions on the use of special characters in URIs. Additionally, the value of the CNAME must not include a protocol prefix such as "http://" or "https://".
For more information, see Customizing Online Certificate Status Protocol (OCSP) in the Amazon Web Services Private Certificate Authority User Guide.
$sel:enabled:OcspConfiguration'
, ocspConfiguration_enabled
- Flag enabling use of the Online Certificate Status Protocol (OCSP) for
validating certificate revocation status.
ocspConfiguration_ocspCustomCname :: Lens' OcspConfiguration (Maybe Text) Source #
By default, Amazon Web Services Private CA injects an Amazon Web Services domain into certificates being validated by the Online Certificate Status Protocol (OCSP). A customer can alternatively use this object to define a CNAME specifying a customized OCSP domain.
The content of a Canonical Name (CNAME) record must conform to RFC2396 restrictions on the use of special characters in URIs. Additionally, the value of the CNAME must not include a protocol prefix such as "http://" or "https://".
For more information, see Customizing Online Certificate Status Protocol (OCSP) in the Amazon Web Services Private Certificate Authority User Guide.
ocspConfiguration_enabled :: Lens' OcspConfiguration Bool Source #
Flag enabling use of the Online Certificate Status Protocol (OCSP) for validating certificate revocation status.