org.xipki.ca.api.mgmt

Interface CaManager

public interface CaManager

TODO.

Since:

2.0.0

Author:

Lijun Liao

Field Summary

Fields

Modifier and Type	Field and Description
static int	MAX_SERIALNUMBER_SIZE Since serial number should be positive and maximal 20 bytes, the maximal value of bitLen is 159.
static int	MIN_SERIALNUMBER_SIZE The highest bit is always set to 1, so the effective bit length is bitLen - 1.
static String	NULL

Method Summary

Modifier and Type	Method and Description
void	addCa(MgmtEntry.Ca caEntry) Adds a CA.
void	addCaAlias(String aliasName, String caName) Adds the alias aliasName to the given CA caName.
void	addCertprofile(MgmtEntry.Certprofile certprofileEntry) Adds a certificate profile.
void	addCertprofileToCa(String profileName, String caName) Add the certificate profile profileName the the CA caName.
void	addPublisher(MgmtEntry.Publisher entry) Adds a publisher.
void	addPublisherToCa(String publisherName, String caName) Adds publisher publisherName to CA caName.
void	addRequestor(MgmtEntry.Requestor requestorEntry) Adds requstor.
void	addRequestorToCa(MgmtEntry.CaHasRequestor requestor, String caName) Adds the requestor requestorName to the CA caName.
void	addSigner(MgmtEntry.Signer signerEntry) Adds a signer.
void	addUser(MgmtEntry.AddUser addUserEntry) Adds a user.
void	addUserToCa(MgmtEntry.CaHasUser user, String caName) Adds the user userName from the CA caName.
void	changeCa(MgmtEntry.ChangeCa changeCaEntry) Changes a CA.
void	changeCertprofile(String name, String type, String conf) Changes the certificate profile name.
void	changePublisher(String name, String type, String conf) Changes the publisher name.
void	changeRequestor(String name, String type, String conf) Changes the requestor name of type CERTIFCATE.
void	changeSigner(String name, String type, String conf, String base64Cert) Changes the signer name.
void	changeUser(MgmtEntry.ChangeUser changeUserEntry) Change the user.
void	clearPublishQueue(String caName, List<String> publisherNames) Clear the publish queue for the CA caName and publishers publisherNames.
InputStream	exportConf(List<String> caNames) Exports the CA system configuration to a zip-stream.
X509Certificate	generateCertificate(String caName, String profileName, byte[] encodedCsr, Date notBefore, Date notAfter) CA caName issues a new certificate.
X509CRL	generateCrlOnDemand(String caName) Generates a new CRL for CA caName.
X509Certificate	generateRootCa(MgmtEntry.Ca caEntry, String certprofileName, byte[] encodedCsr, BigInteger serialNumber) Generates a self-signed CA certificate.
Set<String>	getAliasesForCa(String caName) Gets the aliases of the given CA caName.
MgmtEntry.Ca	getCa(String caName) Gets the CA named caName.
Set<String>	getCaAliasNames()
Map<String,MgmtEntry.CaHasUser>	getCaHasUsersForUser(String user) Returns map between CA name an CaHasUserEntry for given user.
String	getCaNameForAlias(String aliasName) Gets the CA name for the alias aliasName.
Set<String>	getCaNames()
CaSystemStatus	getCaSystemStatus()
CertWithRevocationInfo	getCert(String caName, BigInteger serialNumber) Returns certificate with status information for the CA caName and with serial number serialNumber.
CertWithRevocationInfo	getCert(org.bouncycastle.asn1.x500.X500Name issuer, BigInteger serialNumber) Returns certificate with revocation information for the issuer and with serial number serialNumber.
MgmtEntry.Certprofile	getCertprofile(String profileName) Returns the certificate profile named profileName.
Set<String>	getCertprofileNames()
Set<String>	getCertprofilesForCa(String caName) Returns the Certprofile names supported by the CA caName.
byte[]	getCertRequest(String caName, BigInteger serialNumber) Returns the request used to enroll the given certificate.
X509CRL	getCrl(String caName, BigInteger crlNumber) Returns the CRL of CA caName with the CRL number crlNumber.
X509CRL	getCurrentCrl(String caName) Returns the latest CRL of CA caName.
Set<String>	getFailedCaNames()
Set<String>	getInactiveCaNames()
MgmtEntry.Publisher	getPublisher(String publisherName) Returns the publisher.
Set<String>	getPublisherNames()
List<MgmtEntry.Publisher>	getPublishersForCa(String caName) Returns publishers for the CA caName.
MgmtEntry.Requestor	getRequestor(String name) Returns the requestor named name.
Set<String>	getRequestorNames()
Set<MgmtEntry.CaHasRequestor>	getRequestorsForCa(String caName) Returns the Requests supported by the CA caName.
MgmtEntry.Signer	getSigner(String name) Returns the signer named name.
Set<String>	getSignerNames()
Set<String>	getSuccessfulCaNames()
Set<String>	getSupportedCertprofileTypes() Retrieves the types of supported certificate profiles.
Set<String>	getSupportedPublisherTypes() Retrieves the types of supported publishers.
Set<String>	getSupportedSignerTypes() Retrieves the types of supported signers.
MgmtEntry.User	getUser(String username) Returns the user username.
List<CertListInfo>	listCertificates(String caName, org.bouncycastle.asn1.x500.X500Name subjectPattern, Date validFrom, Date validTo, CertListOrderBy orderBy, int numEntries) Returns a sorted list of certificate meta information.
Map<String,X509Certificate>	loadConf(InputStream zippedConfStream) Loads the CA system configuration.
void	notifyCaChange()
void	refreshTokenForSignerType(String signerType)
void	removeCa(String caName) Removes the CA caName from the system.
void	removeCaAlias(String aliasName) Remove the alias aliasName.
void	removeCertificate(String caName, BigInteger serialNumber) Removes a certificate with the serial number serialNumber, and issued by the CA caName.
void	removeCertprofile(String profileName) Removes the certificate profile profileName.
void	removeCertprofileFromCa(String profileName, String caName) Removes the support of the certprofile profileName from the CA caName.
void	removePublisher(String publisherName) Removes the publisher publisherName.
void	removePublisherFromCa(String publisherName, String caName) Removes publisher publisherName from the CA caName.
void	removeRequestor(String requestorName) Removes requestor named requestorName.
void	removeRequestorFromCa(String requestorName, String caName) Removes the requestor requestorName from the CA caName.
void	removeSigner(String name) Removes the signer named name.
void	removeUser(String username) Remove the name username.
void	removeUserFromCa(String userName, String caName) Removes the user userName from the CA caName.
void	republishCertificates(String caName, List<String> publisherNames, int numThreads) Republishes certificates of the CA caName to the publishers publisherNames.
void	restartCaSystem()
void	revokeCa(String caName, org.xipki.security.CertRevocationInfo revocationInfo) Revokes the CA caName.
void	revokeCertificate(String caName, BigInteger serialNumber, org.xipki.security.CrlReason reason, Date invalidityTime) Revokes a certificate with the serial number serialNumber, and issued by the CA caName.
void	unlockCa()
void	unrevokeCa(String caName) Unrevokes the CA caName.
void	unrevokeCertificate(String caName, BigInteger serialNumber) Unrevokes a certificate with the serial number serialNumber, and issued by the CA caName.

Field Detail

NULL

static final String NULL

See Also:

Constant Field Values

MIN_SERIALNUMBER_SIZE

static final int MIN_SERIALNUMBER_SIZE

The highest bit is always set to 1, so the effective bit length is bitLen - 1. To ensure that at least 64 bit entropy, bitLen must be at least 65. For better entropy, we increase it to 71.

See Also:

Constant Field Values

MAX_SERIALNUMBER_SIZE

static final int MAX_SERIALNUMBER_SIZE

Since serial number should be positive and maximal 20 bytes, the maximal value of bitLen is 159.

See Also:

Constant Field Values

Method Detail

getCaSystemStatus

CaSystemStatus getCaSystemStatus()
                          throws CaMgmtException

Throws:

CaMgmtException

unlockCa

void unlockCa()
       throws CaMgmtException

Throws:

CaMgmtException

notifyCaChange

void notifyCaChange()
             throws CaMgmtException

Throws:

CaMgmtException

republishCertificates

void republishCertificates(String caName,
                           List<String> publisherNames,
                           int numThreads)
                    throws CaMgmtException

Republishes certificates of the CA caName to the publishers publisherNames.

Parameters:

caName - CA name. Could be null.

publisherNames - Publisher names. Could be null.

numThreads - Number of threads

Throws:

CaMgmtException - if error occurs.

clearPublishQueue

void clearPublishQueue(String caName,
                       List<String> publisherNames)
                throws CaMgmtException

Clear the publish queue for the CA caName and publishers publisherNames.

Parameters:

caName - CA name. Could be null.

publisherNames - Publisher names. Could be null.

Throws:

CaMgmtException - if error occurs.

refreshTokenForSignerType

void refreshTokenForSignerType(String signerType)
                        throws CaMgmtException

Throws:

CaMgmtException

removeCa

void removeCa(String caName)
       throws CaMgmtException

Removes the CA caName from the system.

Parameters:

caName - CA name. Must not be null.

Throws:

CaMgmtException - if error occurs.

restartCaSystem

void restartCaSystem()
              throws CaMgmtException

Throws:

CaMgmtException

addCaAlias

void addCaAlias(String aliasName,
                String caName)
         throws CaMgmtException

Adds the alias aliasName to the given CA caName.

Parameters:

aliasName - CA alias name. Must not be null.

caName - CA name. Must not be null.

Throws:

CaMgmtException - if error occurs.

removeCaAlias

void removeCaAlias(String aliasName)
            throws CaMgmtException

Remove the alias aliasName.

Parameters:

aliasName - Alias name. Must not be null.

Throws:

CaMgmtException - if error occurs.

getAliasesForCa

Set<String> getAliasesForCa(String caName)
                     throws CaMgmtException

Gets the aliases of the given CA caName.

Parameters:

caName - CA name. Must not be null.

Returns:

the aliases of the given CA.

Throws:

CaMgmtException - if error occurs.

getCaNameForAlias

String getCaNameForAlias(String aliasName)
                  throws CaMgmtException

Gets the CA name for the alias aliasName.

Parameters:

aliasName - CA alias name. Must not be null.

Returns:

the aliases of the given CA.

Throws:

CaMgmtException - if error occurs.

getCaAliasNames

Set<String> getCaAliasNames()
                     throws CaMgmtException

Throws:

CaMgmtException

getCertprofileNames

Set<String> getCertprofileNames()
                         throws CaMgmtException

Throws:

CaMgmtException

getPublisherNames

Set<String> getPublisherNames()
                       throws CaMgmtException

Throws:

CaMgmtException

getRequestorNames

Set<String> getRequestorNames()
                       throws CaMgmtException

Throws:

CaMgmtException

getSignerNames

Set<String> getSignerNames()
                    throws CaMgmtException

Throws:

CaMgmtException

getCaNames

Set<String> getCaNames()
                throws CaMgmtException

Throws:

CaMgmtException

getSuccessfulCaNames

Set<String> getSuccessfulCaNames()
                          throws CaMgmtException

Throws:

CaMgmtException

getFailedCaNames

Set<String> getFailedCaNames()
                      throws CaMgmtException

Throws:

CaMgmtException

getInactiveCaNames

Set<String> getInactiveCaNames()
                        throws CaMgmtException

Throws:

CaMgmtException

addCa

void addCa(MgmtEntry.Ca caEntry)
    throws CaMgmtException

Adds a CA.

Parameters:

caEntry - CA to be added. Must not be null.

Throws:

CaMgmtException - if error occurs.

getCa

MgmtEntry.Ca getCa(String caName)
            throws CaMgmtException

Gets the CA named caName.

Parameters:

caName - CA name. Must not be null.

Returns:

the CaEntry

Throws:

CaMgmtException - if error occurs.

changeCa

void changeCa(MgmtEntry.ChangeCa changeCaEntry)
       throws CaMgmtException

Changes a CA.

Parameters:

changeCaEntry - ChangeCA entry. Must not be null.

Throws:

CaMgmtException - if error occurs.

removeCertprofileFromCa

void removeCertprofileFromCa(String profileName,
                             String caName)
                      throws CaMgmtException

Removes the support of the certprofile profileName from the CA caName.

Parameters:

profileName - Profile name. Must not be null.

caName - CA name. Must not be null.

Throws:

CaMgmtException - if error occurs.

addCertprofileToCa

void addCertprofileToCa(String profileName,
                        String caName)
                 throws CaMgmtException

Add the certificate profile profileName the the CA caName.

Parameters:

profileName - Profile name. Must not be null.

caName - CA name. Must not be null.

Throws:

CaMgmtException - if error occurs.

removePublisherFromCa

void removePublisherFromCa(String publisherName,
                           String caName)
                    throws CaMgmtException

Removes publisher publisherName from the CA caName.

Parameters:

publisherName - Publisher name. Must not be null.

caName - CA name. Must not be null.

Throws:

CaMgmtException - if error occurs.

addPublisherToCa

void addPublisherToCa(String publisherName,
                      String caName)
               throws CaMgmtException

Adds publisher publisherName to CA caName.

Parameters:

publisherName - Publisher name. Must not be null.

caName - CA name. Must not be null.

Throws:

CaMgmtException - if error occurs.

getCertprofilesForCa

Set<String> getCertprofilesForCa(String caName)
                          throws CaMgmtException

Returns the Certprofile names supported by the CA caName.

Parameters:

caName - CA name. Must not be null.

Returns:

the Certprofile names.

Throws:

CaMgmtException - if error occurs.

getRequestorsForCa

Set<MgmtEntry.CaHasRequestor> getRequestorsForCa(String caName)
                                          throws CaMgmtException

Returns the Requests supported by the CA caName.

Parameters:

caName - CA name. Must not be null.

Returns:

the requestors.

Throws:

CaMgmtException - if error occurs.

getRequestor

MgmtEntry.Requestor getRequestor(String name)
                          throws CaMgmtException

Returns the requestor named name.

Parameters:

name - Requestor name. Must not be null.

Returns:

the requestor.

Throws:

CaMgmtException - if error occurs.

addRequestor

void addRequestor(MgmtEntry.Requestor requestorEntry)
           throws CaMgmtException

Adds requstor.

Parameters:

requestorEntry - Requestor entry. Must not be null.

Throws:

CaMgmtException - if error occurs.

removeRequestor

void removeRequestor(String requestorName)
              throws CaMgmtException

Removes requestor named requestorName.

Parameters:

requestorName - Requestor name. Must not be null.

Throws:

CaMgmtException - if error occurs.

changeRequestor

void changeRequestor(String name,
                     String type,
                     String conf)
              throws CaMgmtException

Changes the requestor name of type CERTIFCATE.

Parameters:

name - name of the certificate profile to be changed. Must not be null.

type - Type to be changed. null indicates no change.

conf - Configuration to be changed. null indicates no change.

Throws:

CaMgmtException - if error occurs.

removeRequestorFromCa

void removeRequestorFromCa(String requestorName,
                           String caName)
                    throws CaMgmtException

Removes the requestor requestorName from the CA caName.

Parameters:

requestorName - Requestor name. Must not be null.

caName - CA name. Must not be null.

Throws:

CaMgmtException - if error occurs.

addRequestorToCa

void addRequestorToCa(MgmtEntry.CaHasRequestor requestor,
                      String caName)
               throws CaMgmtException

Adds the requestor requestorName to the CA caName.

Parameters:

requestor - Requestor name. Must not be null.

caName - CA name. Must not be null.

Throws:

CaMgmtException - if error occurs.

removeUserFromCa

void removeUserFromCa(String userName,
                      String caName)
               throws CaMgmtException

Removes the user userName from the CA caName.

Parameters:

userName - User name. Must not be null.

caName - CA name. Must not be null.

Throws:

CaMgmtException - if error occurs.

addUserToCa

void addUserToCa(MgmtEntry.CaHasUser user,
                 String caName)
          throws CaMgmtException

Adds the user userName from the CA caName.

Parameters:

user - User entry. Must not be null.

caName - CA name. Must not be null.

Throws:

CaMgmtException - if error occurs.

getCaHasUsersForUser

Map<String,MgmtEntry.CaHasUser> getCaHasUsersForUser(String user)
                                              throws CaMgmtException

Returns map between CA name an CaHasUserEntry for given user.

Parameters:

user - User

Returns:

map between CA name and CaHasUserEntry for given user.

Throws:

CaMgmtException - if error occurs.

getCertprofile

MgmtEntry.Certprofile getCertprofile(String profileName)
                              throws CaMgmtException

Returns the certificate profile named profileName.

Parameters:

profileName - certificate profile name. Must not be null.

Returns:

the profile

Throws:

CaMgmtException - if error occurs.

removeCertprofile

void removeCertprofile(String profileName)
                throws CaMgmtException

Removes the certificate profile profileName.

Parameters:

profileName - certificate profile name. Must not be null.

Throws:

CaMgmtException - if error occurs.

changeCertprofile

void changeCertprofile(String name,
                       String type,
                       String conf)
                throws CaMgmtException

Changes the certificate profile name.

Parameters:

name - name of the certificate profile to be changed. Must not be null.

type - Type to be changed. null indicates no change.

conf - Configuration to be changed. null indicates no change.

Throws:

CaMgmtException - if error occurs.

addCertprofile

void addCertprofile(MgmtEntry.Certprofile certprofileEntry)
             throws CaMgmtException

Adds a certificate profile.

Parameters:

certprofileEntry - Certificate profile entry. Must not be null.

Throws:

CaMgmtException - if error occurs.

addSigner

void addSigner(MgmtEntry.Signer signerEntry)
        throws CaMgmtException

Adds a signer.

Parameters:

signerEntry - Signer entry. Must not be null.

Throws:

CaMgmtException - if error occurs.

removeSigner

void removeSigner(String name)
           throws CaMgmtException

Removes the signer named name.

Parameters:

name - Signer name. Must not be null.

Throws:

CaMgmtException - if error occurs.

getSigner

MgmtEntry.Signer getSigner(String name)
                    throws CaMgmtException

Returns the signer named name.

Parameters:

name - Signer name. Must not be null.

Returns:

the signer.

Throws:

CaMgmtException - if error occurs.

changeSigner

void changeSigner(String name,
                  String type,
                  String conf,
                  String base64Cert)
           throws CaMgmtException

Changes the signer name.

Parameters:

name - name of the signer to be changed. Must not be null.

type - Type to be changed. null indicates no change.

conf - Configuration to be changed. null indicates no change.

encodedCert - Encoded certificate of the signer. null indicates no change.

Throws:

CaMgmtException - if error occurs.

addPublisher

void addPublisher(MgmtEntry.Publisher entry)
           throws CaMgmtException

Adds a publisher.

Parameters:

entry - Publisher entry.

Throws:

CaMgmtException - if error occurs.

getPublishersForCa

List<MgmtEntry.Publisher> getPublishersForCa(String caName)
                                      throws CaMgmtException

Returns publishers for the CA caName.

Parameters:

caName - CA name. Must not be null.

Returns:

publishers for the given CA.

Throws:

CaMgmtException - if error occurs.

getPublisher

MgmtEntry.Publisher getPublisher(String publisherName)
                          throws CaMgmtException

Returns the publisher.

Parameters:

publisherName - Publisher name. Must not be null.

Returns:

the publisher.

Throws:

CaMgmtException - if error occurs.

removePublisher

void removePublisher(String publisherName)
              throws CaMgmtException

Removes the publisher publisherName.

Parameters:

publisherName - Publisher name. Must not be null.

Throws:

CaMgmtException - if error occurs.

changePublisher

void changePublisher(String name,
                     String type,
                     String conf)
              throws CaMgmtException

Changes the publisher name.

Parameters:

name - name of the publisher to be changed. Must not be null.

type - Type to be changed. null indicates no change.

conf - Configuration to be changed. null indicates no change.

Throws:

CaMgmtException - if error occurs.

revokeCa

void revokeCa(String caName,
              org.xipki.security.CertRevocationInfo revocationInfo)
       throws CaMgmtException

Revokes the CA caName.

Parameters:

caName - CA name. Must not be null.

revocationInfo - Revocation information. Must not be null.

Throws:

CaMgmtException - if error occurs.

unrevokeCa

void unrevokeCa(String caName)
         throws CaMgmtException

Unrevokes the CA caName.

Parameters:

caName - CA name. Must not be null.

Throws:

CaMgmtException - if error occurs.

revokeCertificate

void revokeCertificate(String caName,
                       BigInteger serialNumber,
                       org.xipki.security.CrlReason reason,
                       Date invalidityTime)
                throws CaMgmtException

Revokes a certificate with the serial number serialNumber, and issued by the CA caName.

Parameters:

caName - CA name. Must not be null.

serialNumber - Serial number. Must not be null.

reason - Revocation reason. Must not be null.

invalidityTime - Invalidity time. Could be null.

Throws:

CaMgmtException - if error occurs.

unrevokeCertificate

void unrevokeCertificate(String caName,
                         BigInteger serialNumber)
                  throws CaMgmtException

Unrevokes a certificate with the serial number serialNumber, and issued by the CA caName.

Parameters:

caName - CA name. Must not be null.

serialNumber - Serial number. Must not be null.

Throws:

CaMgmtException - if error occurs.

removeCertificate

void removeCertificate(String caName,
                       BigInteger serialNumber)
                throws CaMgmtException

Removes a certificate with the serial number serialNumber, and issued by the CA caName.

Parameters:

caName - CA name. Must not be null.

serialNumber - Serial number. Must not be null.

Throws:

CaMgmtException - if error occurs.

generateCertificate

X509Certificate generateCertificate(String caName,
                                    String profileName,
                                    byte[] encodedCsr,
                                    Date notBefore,
                                    Date notAfter)
                             throws CaMgmtException

CA caName issues a new certificate.

Parameters:

caName - CA name. Must not be null.

profileName - Name of the certificate profile. Must not be null.

encodedCsr - CSR. Must not be null.

notBefore - NotBefore. Could be null.

notAfter - NotAfter. Could be null.

Returns:

the issued certificate

Throws:

CaMgmtException - if error occurs.

generateRootCa

X509Certificate generateRootCa(MgmtEntry.Ca caEntry,
                               String certprofileName,
                               byte[] encodedCsr,
                               BigInteger serialNumber)
                        throws CaMgmtException

Generates a self-signed CA certificate.

Parameters:

caEntry - CA entry. Must not be null.

certprofileName - Profile name of the root CA certificate. Must not be null.

encodedCsr - CSR. Must not be null.

serialNumber - Serial number. Could be null.

Returns:

the generated certificate

Throws:

CaMgmtException - if error occurs.

addUser

void addUser(MgmtEntry.AddUser addUserEntry)
      throws CaMgmtException

Adds a user.

Parameters:

addUserEntry - AddUser entry. Must not be null.

Throws:

CaMgmtException - if error occurs.

changeUser

void changeUser(MgmtEntry.ChangeUser changeUserEntry)
         throws CaMgmtException

Change the user.

Parameters:

changeUserEntry - User change entry. Must not be null.

Throws:

CaMgmtException - if error occurs.

removeUser

void removeUser(String username)
         throws CaMgmtException

Remove the name username.

Parameters:

username - User name. Must not be null.

Throws:

CaMgmtException - if error occurs.

getUser

MgmtEntry.User getUser(String username)
                throws CaMgmtException

Returns the user username.

Parameters:

username - User name. Must not be null.

Returns:

the user

Throws:

CaMgmtException - if error occurs.

generateCrlOnDemand

X509CRL generateCrlOnDemand(String caName)
                     throws CaMgmtException

Generates a new CRL for CA caName.

Parameters:

caName - CA name. Must not be null.

Returns:

the generated CRL.

Throws:

CaMgmtException - if error occurs.

getCrl

X509CRL getCrl(String caName,
               BigInteger crlNumber)
        throws CaMgmtException

Returns the CRL of CA caName with the CRL number crlNumber.

Parameters:

caName - CA name. Must not be null.

crlNumber - CRL number. Must not be null.

Returns:

the CRL.

Throws:

CaMgmtException - if error occurs.

getCurrentCrl

X509CRL getCurrentCrl(String caName)
               throws CaMgmtException

Returns the latest CRL of CA caName.

Parameters:

caName - CA name. Must not be null.

Returns:

the CRL.

Throws:

CaMgmtException - if error occurs.

getCert

CertWithRevocationInfo getCert(String caName,
                               BigInteger serialNumber)
                        throws CaMgmtException

Returns certificate with status information for the CA caName and with serial number serialNumber.

Parameters:

caName - CA name. Must not be null.

serialNumber - Serial number. Must not be null.

Returns:

the certificate with status information.

Throws:

CaMgmtException - if error occurs.

getCert

CertWithRevocationInfo getCert(org.bouncycastle.asn1.x500.X500Name issuer,
                               BigInteger serialNumber)
                        throws CaMgmtException

Returns certificate with revocation information for the issuer and with serial number serialNumber.

Parameters:

issuer - Issuer of the certificate. Must not be null.

serialNumber - Serial number. Must not be null.

Returns:

the certificate with status information.

Throws:

CaMgmtException - if error occurs.

loadConf

Map<String,X509Certificate> loadConf(InputStream zippedConfStream)
                              throws CaMgmtException,
                                     IOException

Loads the CA system configuration.

Parameters:

zippedConfStream - Inputstream of the zipped Configuration the CA system. Must not be null.

Returns:

map of generated root certificates, if newly generated. The key is the CA name.

Throws:

CaMgmtException - if error occurs.

IOException

exportConf

InputStream exportConf(List<String> caNames)
                throws CaMgmtException,
                       IOException

Exports the CA system configuration to a zip-stream.

Parameters:

caNames - List of the names of CAs to be exported. null to export all CAs.

Returns:

ZIP stream of the CA system configuration.

Throws:

IOException - If read the ZIP file fails.

CaMgmtException - if non-IO error occurs.

listCertificates

List<CertListInfo> listCertificates(String caName,
                                    org.bouncycastle.asn1.x500.X500Name subjectPattern,
                                    Date validFrom,
                                    Date validTo,
                                    CertListOrderBy orderBy,
                                    int numEntries)
                             throws CaMgmtException

Returns a sorted list of certificate meta information.

Parameters:

caName - CA name. Must not be null.

subjectPattern - Subject pattern. Could be null.

validFrom - Valid from. Could be null.

validTo - Valid to. Could be null.

orderBy - How the result is ordered. Could be null.

numEntries - Maximal number of entries in the returned list.

Returns:

a sorted list of certificate meta information.

Throws:

CaMgmtException - if error occurs.

getCertRequest

byte[] getCertRequest(String caName,
                      BigInteger serialNumber)
               throws CaMgmtException

Returns the request used to enroll the given certificate.

Parameters:

caName - CA name. Must not be null.

serialNumber - Serial number. Must not be null.

Returns:

the request bytes

Throws:

CaMgmtException - if error occurs.

getSupportedSignerTypes

Set<String> getSupportedSignerTypes()
                             throws CaMgmtException

Retrieves the types of supported signers.

Returns:

lower-case types of supported signers, never null.

Throws:

CaMgmtException - if error occurs.

getSupportedCertprofileTypes

Set<String> getSupportedCertprofileTypes()
                                  throws CaMgmtException

Retrieves the types of supported certificate profiles.

Returns:

types of supported certificate profiles, never null.

Throws:

CaMgmtException - if error occurs.

getSupportedPublisherTypes

Set<String> getSupportedPublisherTypes()
                                throws CaMgmtException

Retrieves the types of supported publishers.

Returns:

lower-case types of supported publishers, never null.

Throws:

CaMgmtException - if error occurs.