User Guide

Adobe LiveCycle Content and Format of the trust.xml File
Installing and Configuring LiveCycle Security Products for JBoss prefs element (Plug-in preferences) 84
ocsp URL
(Optional) The local OCSP Server URL. This attribute is used
only when the
URLToConsult attribute (see attribute later
in this table) is set to
LocalConfig or
LocalConfigIfNoAIA.
SendNonce
(Optional) Specifies whether to send a random number in
the OCSP request to prevent replay attacks. The default value
is
true.
CheckRevocation
(Optional) Specifies whether the revocation checking on the
OCSP certificates is turned on or off. You can set this attribute
to one of the following values:
Never: Never checks.
BestEffort: Try to if possible. No error if no revocation
information is available.
RequiredIfInfoAvail: Revocation information is
returned if available.
AlwaysRequired: Revocation checking is always
required.
The default value is
RequiredIfInfoAvail.
MaxClockSkew
(Optional) The maximum allowed skew in response time and
local time (in minutes). The default value is
5.
ResponseFreshness
(Optional) The maximum time validity of a preconstructed
OCSP response (in minutes). The default value is
525600
(one year).
URLToConsult
(Optional) The URL to be used for OCSP checking. You can set
the attribute to one of the following values:
AIAInCertToCheck: Use URL from the certificate.
LocalConfig: Use the local URL provided using the URL
pref. (See the previous description of OCSP URL, in this
table.)
LocalConfigIfNoAIA: Use local URL if none is
provided in the certificate.
The default value is
AIAInCertToCheck. The default value
indicates that the URL should be present in the certificate.
SignRequest
(Optional) Specifies whether to sign the request. The default
value is
false.
Record type Attribute Description