Class CRLDistributionPointsExtension

  • All Implemented Interfaces:
    java.io.Serializable

    @NotMutable
    @ThreadSafety(level=COMPLETELY_THREADSAFE)
    public final class CRLDistributionPointsExtension
    extends X509CertificateExtension
    This class provides an implementation of the CRL distribution points X.509 certificate extension as described in RFC 5280 section 4.2.1.13. This can be used to provide information about the location of certificate revocation lists (CRLs) that can be examined to check the validity of this certificate.

    The OID for this extension is 2.5.29.31 and the value has the following encoding:
       CRLDistributionPoints ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint
    
       DistributionPoint ::= SEQUENCE {
            distributionPoint       [0]     DistributionPointName OPTIONAL,
            reasons                 [1]     ReasonFlags OPTIONAL,
            cRLIssuer               [2]     GeneralNames OPTIONAL }
    
       DistributionPointName ::= CHOICE {
            fullName                [0]     GeneralNames,
            nameRelativeToCRLIssuer [1]     RelativeDistinguishedName }
    
       ReasonFlags ::= BIT STRING {
            unused                  (0),
            keyCompromise           (1),
            cACompromise            (2),
            affiliationChanged      (3),
            superseded              (4),
            cessationOfOperation    (5),
            certificateHold         (6),
            privilegeWithdrawn      (7),
            aACompromise            (8) }
     
    See Also:
    Serialized Form
    • Method Detail

      • getCRLDistributionPoints

        public java.util.List<CRLDistributionPointgetCRLDistributionPoints()
        Retrieves the list of CRL distribution points included in this extension.
        Returns:
        The list of CRL distribution points included in this extension.
      • toString

        public void toString​(java.lang.StringBuilder buffer)
        Appends a string representation of this certificate extension to the provided buffer.
        Overrides:
        toString in class X509CertificateExtension
        Parameters:
        buffer - The buffer to which the information should be appended.