CredentialCRL

Overview

The <CRL> element of a File CredentialResolver references a certificate revocation list from a local file or a remote URL. This is not typically used as part of confguring a local credential belonging to the SP, but more typically used to supply CRLs to more advanced metadata verification strategies that utilize the PKIX and StaticPKIX TrustEngines.

Reference

Attributes

Specific Attributes

In addition the following CRL-specific settings are supported:

Name

Type

Default

Description

Name

Type

Default

Description

format 

"PEM", or "DER"

 

Optional indicator of CRL file format (auto-detected in most cases)

Child Elements