| Value | Meaning |
|---|---|
| UNSPECIFIED | This reason indicates that it is unspecified as to why the certificate has been revoked. |
| KEY_COMPROMISE | This reason indicates that it is known or suspected that the certificate subject's private key has been compromised. It applies to end-entity certificates only. |
| CA_COMPROMISE | This reason indicates that it is known or suspected that the certificate subject's private key has been compromised. It applies to certificate authority (CA) certificates only. |
| AFFILIATION_CHANGED | This reason indicates that the subject's name or other information has changed. |
| SUPERSEDED | This reason indicates that the certificate has been superseded. |
| CESSATION_OF_OPERATION | This reason indicates that the certificate is no longer needed. |
| CERTIFICATE_HOLD | This reason indicates that the certificate has been put on hold. |
| UNUSED | Unused reason. |
| REMOVE_FROM_CRL | This reason indicates that the certificate was previously on hold and should be removed from the CRL. It is for use with delta CRLs. |
| PRIVILEGE_WITHDRAWN | This reason indicates that the privileges granted to the subject of the certificate have been withdrawn. |
| AA_COMPROMISE | This reason indicates that it is known or suspected that the certificate subject's private key has been compromised. It applies to authority attribute (AA) certificates only. |
The CRLReason enumeration specifies the reason that a certificate is revoked, as defined in <a href="http://www.ietf.org/rfc/rfc3280.txt"> RFC 3280: Internet X.509 Public Key Infrastructure Certificate and CRL Profile</a>.
@author Sean Mullan @since 1.7 @see X509CRLEntry#getRevocationReason @see CertificateRevokedException#getRevocationReason