{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "https://raw.githubusercontent.com/api-evangelist/amazon-private-ca/refs/heads/main/json-schema/amazon-private-ca-revocation-configuration-schema.json",
"title": "RevocationConfiguration",
"description": "Certificate revocation information used by the CreateCertificateAuthority and UpdateCertificateAuthority actions. Your private certificate authority (CA) can configure Online Certificate Status Protocol (OCSP) support and/or maintain a certificate revocation list (CRL). OCSP returns validation information about certificates as requested by clients, and a CRL contains an updated list of certificates revoked by your CA. For more information, see RevokeCertificate and Setting up a certificate revocation method in the Amazon Web Services Private Certificate Authority User Guide.",
"type": "object",
"properties": {
"CrlConfiguration": {
"allOf": [
{
"$ref": "#/components/schemas/CrlConfiguration"
},
{
"description": "Configuration of the certificate revocation list (CRL), if any, maintained by your private CA. A CRL is typically updated approximately 30 minutes after a certificate is revoked. If for any reason a CRL update fails, Amazon Web Services Private CA makes further attempts every 15 minutes."
}
]
},
"OcspConfiguration": {
"allOf": [
{
"$ref": "#/components/schemas/OcspConfiguration"
},
{
"description": "Configuration of Online Certificate Status Protocol (OCSP) support, if any, maintained by your private CA. When you revoke a certificate, OCSP responses may take up to 60 minutes to reflect the new status."
}
]
}
}
}