private void addRevocationErrors() { DiagnosticData diagnosticData = this.signature.validate().getReports().getDiagnosticData(); if (diagnosticData == null) { return; } String certificateRevocationSource = diagnosticData .getCertificateRevocationSource(diagnosticData.getSigningCertificateId()); this.log.debug("Revocation source is <{}>", certificateRevocationSource); if (StringUtils.equalsIgnoreCase("CRLToken", certificateRevocationSource)) { this.log.error("Signing certificate revocation source is CRL instead of OCSP"); this.addValidationError(new UntrustedRevocationSourceException()); } }