Type Alias OCSPStatusConfig

OCSPStatusConfig: {
    ca?:
        | string
        | Buffer
        | X509Certificate
        | pkijs.Certificate;
    enableNonce?: boolean;
    ocspUrl?: string;
    rawResponse?: boolean;
    timeout?: number;
    validateSignature?: boolean;
}

Additional optional configuration

Type declaration

  • Optionalca?:
        | string
        | Buffer
        | X509Certificate
        | pkijs.Certificate

    The issuer certificate authority. If not provided, it will be downloaded from the issuer URL. If you already have the issuer certificate, you can provide it here to improve performance.

  • OptionalenableNonce?: boolean

    Whether to include a nonce in the OCSP request. This is enabled by default because it enhances security.

    Default Value

    true
  • OptionalocspUrl?: string

    The URL of the OCSP responder. By default, it will be extracted from the certificate. If you already know the OCSP responder URL, you can provide it here.

  • OptionalrawResponse?: boolean

    Whether to return the raw response as a buffer additionally to the parsed response. This is disabled by default.

  • Optionaltimeout?: number

    Timeout in milliseconds for the OCSP request and download of the issuer certificate. If the request takes longer than this, it will be aborted.

    Default Value

    6000
  • OptionalvalidateSignature?: boolean

    Whether to validate the signature of the OCSP response. This is enabled by default and should only be disabled for debugging purposes.

    Default Value

    true

Settings

Member Visibility