Use the GET /certificates/revocation/settings endpoint to retrieve certificate revocation settings.

Status codes

Code Reason
200 Success.

CertificateRevocationSettings - Certificate revocation settings.

Property Type Description
crlSettings CrlSettings Certificate revocation CRL settings. CRL revocation is enabled by default. It will be disabled if this attribute is not defined in the request body.
ocspSettings OcspSettings Certificate revocation OCSP settings. OCSP revocation is disabled by default. It will be enabled if this attribute is defined in the request body.
proxySettings ProxySettings If OCSP messaging is routed through a proxy server, specify the server’s host (DNS name or IP address) and the port number. The same proxy information applies to CRL checking, when CRL is enabled for failover.

OcspSettings - OCSP settings.

Property Type Description
actionOnResponderUnavailable string Action on responder unavailable. This value defaults to “CONTINUE”.
actionOnStatusUnknown string Action on status unknown. This value defaults to “FAIL”.
actionOnUnsuccessfulResponse string Action on unsuccessful response. This value defaults to “FAIL”.
currentUpdateGracePeriod integer Current update grace period in minutes. This value defaults to “5”.
nextUpdateGracePeriod integer Next update grace period in minutes. This value defaults to “5”.
requesterAddNonce boolean Do not allow responder to use cached responses. This setting defaults to disabled.
responderCertReference ResourceLink Resource link to OCSP responder signature verification certificate. A previously selected certificate will be deselected if this attribute is not defined.
responderTimeout integer Responder connection timeout in seconds. This value defaults to “5”.
responderUrl * string Responder URL address. This field is required if OCSP revocation is enabled.
responseCachePeriod integer Response cache period in hours. This value defaults to “48”.

ResourceLink - A reference to a resource.

Property Type Description
id * string The ID of the resource.
location string A read-only URL that references the resource. If the resource is not currently URL-accessible, this property will be null.

CrlSettings - CRL settings.

Property Type Description
nextRetryMinsWhenNextUpdateInPast integer Next retry on next update expiration in minutes. This value defaults to “60”.
nextRetryMinsWhenResolveFailed integer Next retry on resolution failure in minutes. This value defaults to “1440”.
treatNonRetrievableCrlAsRevoked boolean Treat non retrievable CRL as revoked. This setting defaults to disabled.
verifyCrlSignature boolean Verify CRL signature. This setting defaults to enabled.

ProxySettings - Proxy settings.

Property Type Description
host string Host name.
port integer Port number.