The AIA extension identifies how to access CA information and services for the certificate in which it appears. It enables CAs to issue their certificates pre-configured with the URLs appropriate for contacting services relevant to those certificates. For example, a CA may issue a certificate that identifies the specific OCSP Responder to use when performing on-line validation of that certificate.
This extension is defined in Internet X.509 PKI Certificate and Certificate Revocation List (CRL) Profile. The profile permits the extension to be included in end-entity or CA certificates, and it must be marked as non-critical. Its ASN.1 definition is as follows:
id-pe-authorityInfoAccess OBJECT IDENTIFIER ::= { id-pe 1 } AuthorityInfoAccessSyntax ::= SEQUENCE SIZE (1..MAX) OF AccessDescription AccessDescription ::= SEQUENCE { accessMethod OBJECT IDENTIFIER, accessLocation GeneralName }
Extension
Modifier and Type | Field and Description |
---|---|
private List | accessDescriptions
The List of AccessDescription objects. |
public static final String |
Access | Constructor and Description |
---|---|
public | AuthorityInfoAccessExtension(List<AccessDescription>
the List of AccessDescription,
cannot be null or empty. accessDescriptions)Create an AuthorityInfoAccessExtension from a List of AccessDescription; the criticality is set to false. |
public | AuthorityInfoAccessExtension(Boolean
true if the extension is to be treated as critical. critical, Object Array of DER encoded bytes of the actual value. value)Create the extension from the passed DER encoded value of the same. |
Modifier and Type | Method and Description |
---|---|
public void | encode(DerOutputStream
the DerOutputStream to write the extension to. out)Overrides sun. Implements sun. |
private void | |
public List | |
public String | |
public String | toString()
Overrides sun. |
accessDescriptions | back to summary |
---|---|
private List<AccessDescription> accessDescriptions The List of AccessDescription objects. |
NAME | back to summary |
---|---|
public static final String NAME |
AuthorityInfoAccessExtension | back to summary |
---|---|
public AuthorityInfoAccessExtension(List<AccessDescription> accessDescriptions) Create an AuthorityInfoAccessExtension from a List of AccessDescription; the criticality is set to false.
|
AuthorityInfoAccessExtension | back to summary |
---|---|
public AuthorityInfoAccessExtension(Boolean critical, Object value) throws IOException Create the extension from the passed DER encoded value of the same.
|
encode | back to summary |
---|---|
public void encode(DerOutputStream out) Overrides sun. Implements sun. Write the extension to the DerOutputStream.
|
encodeThis | back to summary |
---|---|
private void encodeThis() |
getAccessDescriptions | back to summary |
---|---|
public List Return the list of AccessDescription objects. |
getName | back to summary |
---|---|
public String getName() Overrides sun. Return the name of this extension.
|
toString | back to summary |
---|---|
public String toString() Overrides sun. Return the extension as user readable string.
|