* If a DOM is supplied, the following XML content is supported:
*
* <ul>
- * <li>checkRevocation attribute (optional, required, all)
+ * <li>checkRevocation attribute (optional, entityOnly, fullChain)
* </ul>
*
* @param e DOM to supply configuration for provider
*/
AbstractPKIXTrustEngine(const xercesc::DOMElement* e=nullptr);
- /** Controls revocation checking, currently limited to CRLs and supports "optional" and "required". */
+ /** Controls revocation checking, currently limited to CRLs and supports "optional", "entityOnly", "fullChain". */
std::string m_checkRevocation;
/** Flag controls whether every issuer in the trust path must have a CRL loaded. */
certEE,
certChain,
pkix.get(),
- (m_checkRevocation=="required" || m_checkRevocation=="all"),
- (m_fullCRLChain || m_checkRevocation=="all"),
+ (m_checkRevocation=="entityOnly" || m_checkRevocation=="fullChain"),
+ (m_fullCRLChain || m_checkRevocation=="fullChain"),
inlineCRLs
)) {
return true;