diff options
author | Ingela Anderton Andin <ingela@erlang.org> | 2017-06-16 15:38:06 +0200 |
---|---|---|
committer | Ingela Anderton Andin <ingela@erlang.org> | 2017-07-07 15:54:19 +0200 |
commit | 3514f176a55db0c9052c3857c6fcba35726945dc (patch) | |
tree | 594580b3cde11669d2cb1adffa947a242125f778 /lib/public_key/doc/src | |
parent | 972f9121311efcfb50db727ab3e930ebc95ab314 (diff) | |
download | otp-3514f176a55db0c9052c3857c6fcba35726945dc.tar.gz otp-3514f176a55db0c9052c3857c6fcba35726945dc.tar.bz2 otp-3514f176a55db0c9052c3857c6fcba35726945dc.zip |
ssl,public_key: Provide details for CRL check failiures when revokation state can not be determined
Diffstat (limited to 'lib/public_key/doc/src')
-rw-r--r-- | lib/public_key/doc/src/public_key.xml | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/lib/public_key/doc/src/public_key.xml b/lib/public_key/doc/src/public_key.xml index 04966ffb9c..8d4191d112 100644 --- a/lib/public_key/doc/src/public_key.xml +++ b/lib/public_key/doc/src/public_key.xml @@ -621,8 +621,8 @@ fun(OtpCert :: #'OTPCertificate'{}, <v>OTPCertificate = #'OTPCertificate'{}</v> <v>DPAndCRLs = [{DP::#'DistributionPoint'{}, {DerCRL::der_encoded(), CRL::#'CertificateList'{}}}] </v> <v>Options = proplists:proplist()</v> - <v>CRLStatus() = valid | {bad_cert, revocation_status_undetermined} | - {bad_cert, {revoked, crl_reason()}}</v> + <v>CRLStatus() = valid | {bad_cert, revocation_status_undetermined} | {bad_cert, {revocation_status_undetermined, + {bad_crls, Details::term()}}} | {bad_cert, {revoked, crl_reason()}}</v> </type> <desc> <p>Performs CRL validation. It is intended to be called from @@ -650,7 +650,7 @@ fun(OtpCert :: #'OTPCertificate'{}, <tag>{issuer_fun, fun()}</tag> <item> <p>The fun has the following type specification:</p> - + <code> fun(#'DistributionPoint'{}, #'CertificateList'{}, {rdnSequence,[#'AttributeTypeAndValue'{}]}, term()) -> @@ -660,7 +660,15 @@ fun(#'DistributionPoint'{}, #'CertificateList'{}, that has signed the CRL. </p> <code> fun(DP, CRL, Issuer, UserState) -> {ok, RootCert, CertChain}</code> - </item> + </item> + + <tag>{undetermined_details, boolean()}</tag> + <item> + <p>Defaults to false. When revocation status can not be + determined, and this option is set to true, details of why no + CRLs where accepted are included in the return value.</p> + </item> + </taglist> </desc> </func> |