Macromedia live cycle 7.2 Manual

Installing and Configuring LiveCycle Security Products for JBoss

 prefs element (Plug-in preferences)     84

ocsp

URL

(Optional) The local OCSP Server URL. This attribute is used 
only when the 

URLToConsult

 attribute (see attribute later 

in this table) is set to 

LocalConfig

 or 

LocalConfigIfNoAIA

.

SendNonce

(Optional) Specifies whether to send a random number in 
the OCSP request to prevent replay attacks. The default value 
is 

true

.

CheckRevocation

(Optional) Specifies whether the revocation checking on the 
OCSP certificates is turned on or off. You can set this attribute 
to one of the following values:

●

Never

: Never checks.

●

BestEffort

: Try to if possible. No error if no revocation 

information is available.

●

RequiredIfInfoAvail

: Revocation information is 

returned if available.

●

AlwaysRequired

: Revocation checking is always 

required.

The default value is 

RequiredIfInfoAvail

.

MaxClockSkew

(Optional) The maximum allowed skew in response time and 
local time (in minutes). The default value is 

5

.

ResponseFreshness

(Optional) The maximum time validity of a preconstructed 
OCSP response (in minutes). The default value is 

525600

 

(one year).

URLToConsult

(Optional) The URL to be used for OCSP checking. You can set 
the attribute to one of the following values:

●

AIAInCertToCheck

: Use URL from the certificate.

●

LocalConfig

: Use the local URL provided using the URL 

pref. (See the previous description of OCSP URL, in this 
table.)

●

LocalConfigIfNoAIA

: Use local URL if none is 

provided in the certificate.

The default value is 

AIAInCertToCheck

. The default value 

indicates that the URL should be present in the certificate.

SignRequest

(Optional) Specifies whether to sign the request. The default 
value is 

false

.