Type alias OCSPStatusConfig

OCSPStatusConfig: {
    ca?: string | Buffer | X509Certificate | pkijs.Certificate;
    enableNonce?: boolean;
    ocspUrl?: string;
    timeout?: number;
    validateSignature?: boolean;
}

Additional optional configuration

Type declaration

  • Optional ca?: string | Buffer | X509Certificate | pkijs.Certificate

    The issuer certificate authority. If not provided, it will be downloaded from the issuer URL. If you already have the issuer certificate, you can provide it here to improve performance.

  • Optional enableNonce?: boolean

    Whether to include a nonce in the OCSP request. This is enabled by default because it enhances security.

    Default Value

    true
  • Optional ocspUrl?: string

    The URL of the OCSP responder. By default, it will be extracted from the certificate. If you already know the OCSP responder URL, you can provide it here.

  • Optional timeout?: number

    Timeout in milliseconds for the OCSP request and download of the issuer certificate. If the request takes longer than this, it will be aborted.

    Default Value

    6000
  • Optional validateSignature?: boolean

    Whether to validate the signature of the OCSP response. This is enabled by default and should only be disabled for debugging purposes.

    Default Value

    true

Settings

Member Visibility

Theme

Generated using TypeDoc