5.5.3.1. Attributes of AbstractVerifier - - Zorp GPL 7 Reference Guide

Previous | Up | Next

5.5.3.1. Attributes of AbstractVerifier

intermediate_revocation_check_type (enum)
Default: TLS_INTERMEDIATE_REVOCATION_SOFT_FAIL
Specify how intermediate certificates revocation status check should work.

leaf_revocation_check_type (enum)
Default: TLS_LEAF_REVOCATION_SOFT_FAIL
Specify how leaf certificate revocation status check should work.

required (boolean)
Default: trusted
If the `required` is TRUE, a certificate is required from the peer.

trust_level (enum)
Default: TLS_TRUST_LEVEL_FULL
Specify which certificate should be accepted as trusted.

trusted_certs_directory (string)
Default: ""
A directory where trusted IP address - certificate assignments are stored. When a peer from a specific IP address shows the certificate stored in this directory, it is accepted regardless of its expiration or issuer CA. Each file in the directory should contain a certificate in PEM format. The filename must bethe IP address.

verify_ca_directory (string)
Default: ""
Directory where the trusted CA certificates are stored. CA certificates are loaded on-demand from this directory when the certificate of the peer is verified.

verify_crl_directory (string)
Default: ""
Directory where the CRLs (Certificate Revocation Lists) associated with trusted CAs are stored. CRLs are loaded on-demand from this directory when the certificate of the peer is verified.

verify_depth (integer)
Default: 4
The length of the longest accepted CA verification chain. Longer CA chains are automatically rejected.

Previous	Up	Next
	Home

Published on March 04, 2024
© BalaSys IT Ltd.
Send your comments to support@balasys.hu

Contents
Search

loading table of contents...

Search Highlighter (On/Off)