Certificate_Validator_OCSP (object)¶

OCSP validator for certificates

Properties (* = required):

name	type(s)	default	allowed values	description
class*	string		“Certificate_Validator_OCSP”
dnsResolver	object			BIG-IP AS3 pointer to DNS resolver used to resolve hostnames in client requests,Reference to a DNS resolver
label	string		“^[^x00-x1fx22#&<>?x5b-x5d`x7f]$”	Optional friendly name for this object. Allows 0-64 chars, excluding a few likely to cause trouble with string searching, JS, TCL, or HTML
remark	string		“^[^x00-x1fx22x5cx7f]*$”	Arbitrary (brief) text pertaining to this object. Allows 0-64 chars, excluding only control characters, double-quote, and backslash. This is permissive enough that you should worry about XSS attacks
responderUrl	string			Specifies the absolute URL that overrides the OCSP responder URL obtained from the certificate’s AIA extension(s). This should be a HTTP based URL.
signingCertificate	object			Specifies the certificate object to use for OCSP responders that require the request to be signed,Reference to a SSL certificate
signingHashAlgorithm	string	“sha256”	“sha1”, “sha256”	Specifies a hash algorithm used to sign an OCSP request
timeout	integer	8	1 - 300	Specifies the time interval (in seconds) that the BIG-IP waits for before ending the connection to the OCSP responder. The default value is 8

Certificate_Validator_OCSP.dnsResolver (object)¶

BIG-IP AS3 pointer to DNS resolver used to resolve hostnames in client requests Reference to a DNS resolver

Properties (* = required):

name	type(s)	default	allowed values	description
bigip	string		“f5bigip” formatted string	Pathname of existing BIG-IP DNS resolver

Specifies the certificate object to use for OCSP responders that require the request to be signed Reference to a SSL certificate

Properties (* = required):

name	type(s)	default	allowed values	description
bigip	string		“f5bigip” formatted string	Pathname of existing BIG-IP SSL certificate
use	string			BIG-IP AS3 pointer to SSL certificate declaration

Previous Next