aboutsummaryrefslogtreecommitdiffstats
path: root/lib/public_key/doc/src
diff options
context:
space:
mode:
authorIngela Anderton Andin <ingela@erlang.org>2017-06-16 15:38:06 +0200
committerIngela Anderton Andin <ingela@erlang.org>2017-07-07 15:54:19 +0200
commit3514f176a55db0c9052c3857c6fcba35726945dc (patch)
tree594580b3cde11669d2cb1adffa947a242125f778 /lib/public_key/doc/src
parent972f9121311efcfb50db727ab3e930ebc95ab314 (diff)
downloadotp-3514f176a55db0c9052c3857c6fcba35726945dc.tar.gz
otp-3514f176a55db0c9052c3857c6fcba35726945dc.tar.bz2
otp-3514f176a55db0c9052c3857c6fcba35726945dc.zip
ssl,public_key: Provide details for CRL check failiures when revokation state can not be determined
Diffstat (limited to 'lib/public_key/doc/src')
-rw-r--r--lib/public_key/doc/src/public_key.xml16
1 files changed, 12 insertions, 4 deletions
diff --git a/lib/public_key/doc/src/public_key.xml b/lib/public_key/doc/src/public_key.xml
index 04966ffb9c..8d4191d112 100644
--- a/lib/public_key/doc/src/public_key.xml
+++ b/lib/public_key/doc/src/public_key.xml
@@ -621,8 +621,8 @@ fun(OtpCert :: #'OTPCertificate'{},
<v>OTPCertificate = #'OTPCertificate'{}</v>
<v>DPAndCRLs = [{DP::#'DistributionPoint'{}, {DerCRL::der_encoded(), CRL::#'CertificateList'{}}}] </v>
<v>Options = proplists:proplist()</v>
- <v>CRLStatus() = valid | {bad_cert, revocation_status_undetermined} |
- {bad_cert, {revoked, crl_reason()}}</v>
+ <v>CRLStatus() = valid | {bad_cert, revocation_status_undetermined} | {bad_cert, {revocation_status_undetermined,
+ {bad_crls, Details::term()}}} | {bad_cert, {revoked, crl_reason()}}</v>
</type>
<desc>
<p>Performs CRL validation. It is intended to be called from
@@ -650,7 +650,7 @@ fun(OtpCert :: #'OTPCertificate'{},
<tag>{issuer_fun, fun()}</tag>
<item>
<p>The fun has the following type specification:</p>
-
+
<code>
fun(#'DistributionPoint'{}, #'CertificateList'{},
{rdnSequence,[#'AttributeTypeAndValue'{}]}, term()) ->
@@ -660,7 +660,15 @@ fun(#'DistributionPoint'{}, #'CertificateList'{},
that has signed the CRL.
</p>
<code> fun(DP, CRL, Issuer, UserState) -> {ok, RootCert, CertChain}</code>
- </item>
+ </item>
+
+ <tag>{undetermined_details, boolean()}</tag>
+ <item>
+ <p>Defaults to false. When revocation status can not be
+ determined, and this option is set to true, details of why no
+ CRLs where accepted are included in the return value.</p>
+ </item>
+
</taglist>
</desc>
</func>