CAService (Imixs-Signature Microservice 1.0.0 API)

java.lang.Object
- org.imixs.signature.ca.CAService

```
public class CAService
extends Object
```
The CAService provides methods to managed X509Certificates stored in a keystore. The certificates are used for digital Signature only. Certificates are singed by an existing root or intermediate Certificate stored in a keystore.
Certificates generated by this service have empty passwords and protected by the keystore. For that reason a certificate managed by this service should never be published and used for internal digital signatures only
The service is implemented as a singleton to avoid concurrent access from different clients.

Version:

1.0

Author:

rsoika

See Also:

X509CertificateGenerator

Constructor Summary

Constructors
Constructor and Description

CAService()

Constructors
Constructor and Description
`CAService()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`void`	`createCertificate(String alias, org.imixs.workflow.ItemCollection profile)` This method generates a new X509 signed certificate based on an optional given profile ItemCollection.
`boolean`	`existsCertificate(String alias)` Test if a certificate chain for a given alias exists in the keyStore.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail
- CAService
```
public CAService()
```

Method Detail

existsCertificate
```
public boolean existsCertificate(String alias)
```
Test if a certificate chain for a given alias exists in the keyStore.

Parameters:

alias -

Returns:

true in case a certificate chain was found.

createCertificate

public void createCertificate(String alias,
                              org.imixs.workflow.ItemCollection profile)
                       throws UnrecoverableKeyException,
                              KeyStoreException,
                              NoSuchAlgorithmException,
                              NoSuchProviderException,
                              InvalidKeyException,
                              org.bouncycastle.operator.OperatorCreationException,
                              CertificateException,
                              SignatureException,
                              IOException

This method generates a new X509 signed certificate based on an optional given profile ItemCollection. Existing items with the prefix X509 will be used to build the X509 naming.

The generated certificate will be signed with the root certificated referred by the SIGNATURE_ROOTCERT_ALIAS

Parameters:: alias - - the alias the new certificate will be stored into the keystore; profile - - optional itemCollection containing X509 attributes
Throws:: NoSuchProviderException; NoSuchAlgorithmException; KeyStoreException; UnrecoverableKeyException; SignatureException; CertificateException; org.bouncycastle.operator.OperatorCreationException; InvalidKeyException; IOException; Exception

Class CAService

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

CAService

Method Detail

existsCertificate

createCertificate