Package org.xipki.ca.server

Class X509Ca

java.lang.Object

org.xipki.ca.server.X509CaModule

org.xipki.ca.server.X509Ca

All Implemented Interfaces:

Closeable, AutoCloseable

public class X509Ca
extends X509CaModule
implements Closeable

X509CA.

Since:

2.0.0

Author:

Lijun Liao (xipki)

Field Summary

Fields inherited from class org.xipki.ca.server.X509CaModule

caCert, caIdent, caInfo, encodedCaCertChain

Constructor Summary

Constructors

Constructor	Description
X509Ca(CaManagerImpl caManager, CaInfo caInfo, CertStore certstore, CtLogClient ctlogClient)

Method Summary

Modifier and Type	Method	Description
void	close()
org.xipki.ca.api.CertificateInfo	generateCert(org.xipki.ca.api.mgmt.RequestorInfo requestor, CertTemplateData certTemplate, String transactionId)
List<org.xipki.ca.api.CertificateInfo>	generateCerts(org.xipki.ca.api.mgmt.RequestorInfo requestor, List<CertTemplateData> certTemplates, String transactionId)
org.bouncycastle.cert.X509CRLHolder	generateCrlOnDemand(org.xipki.ca.api.mgmt.RequestorInfo requestor)
org.xipki.security.X509Cert	getCaCert()
org.xipki.ca.api.NameId	getCaIdent()
CaInfo	getCaInfo()
org.xipki.security.X509Cert	getCert(BigInteger serialNumber)
org.xipki.security.X509Cert	getCert(org.bouncycastle.asn1.x500.X500Name subjectName, String transactionId)	Returns the certificate satisfying the given search criteria.
org.xipki.ca.api.mgmt.CertWithRevocationInfo	getCertWithRevocationInfo(BigInteger serialNumber)
org.xipki.ca.api.mgmt.CertWithRevocationInfo	getCertWithRevocationInfoBySubject(org.bouncycastle.asn1.x500.X500Name subject, byte[] san)
org.bouncycastle.cert.X509CRLHolder	getCrl(org.xipki.ca.api.mgmt.RequestorInfo requestor, BigInteger crlNumber)
org.bouncycastle.cert.X509CRLHolder	getCurrentCrl(org.xipki.ca.api.mgmt.RequestorInfo requestor)
List<byte[]>	getEncodedCaCertChain()
String	getHexSha1OfCert()
org.xipki.ca.api.mgmt.RequestorInfo.CertRequestorInfo	getRequestor(org.xipki.security.X509Cert requestorCert)
IdentifiedCertprofile	getX509Certprofile(String certprofileName)
boolean	healthy()
List<org.xipki.ca.api.mgmt.CertListInfo>	listCerts(org.bouncycastle.asn1.x500.X500Name subjectPattern, Instant validFrom, Instant validTo, org.xipki.ca.api.mgmt.CertListOrderBy orderBy, int numEntries)
org.xipki.ca.api.CertWithDbId	removeCert(org.xipki.ca.api.mgmt.RequestorInfo requestor, BigInteger serialNumber)
boolean	republishCerts(List<String> publisherNames, int numThreads)
void	revokeCa(org.xipki.ca.api.mgmt.RequestorInfo requestor, org.xipki.security.CertRevocationInfo revocationInfo)
org.xipki.ca.api.mgmt.CertWithRevocationInfo	revokeCert(org.xipki.ca.api.mgmt.RequestorInfo requestor, BigInteger serialNumber, org.xipki.security.CrlReason reason, Instant invalidityTime)
void	unrevokeCa(org.xipki.ca.api.mgmt.RequestorInfo requestor)
org.xipki.ca.api.CertWithDbId	unsuspendCert(org.xipki.ca.api.mgmt.RequestorInfo requestor, BigInteger serialNumber)

Methods inherited from class org.xipki.ca.server.X509CaModule

auditService, finish, newAuditEvent, setEventStatus, verifySignature

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

X509Ca

public X509Ca(CaManagerImpl caManager,
              CaInfo caInfo,
              CertStore certstore,
              CtLogClient ctlogClient)
       throws org.xipki.pki.OperationException

Throws:

org.xipki.pki.OperationException

Method Detail

getCaIdent

public org.xipki.ca.api.NameId getCaIdent()

getCaInfo

public CaInfo getCaInfo()

getCaCert

public org.xipki.security.X509Cert getCaCert()

getEncodedCaCertChain

public List<byte[]> getEncodedCaCertChain()

getCert

public org.xipki.security.X509Cert getCert(BigInteger serialNumber)
                                    throws org.xipki.pki.OperationException

Throws:

org.xipki.pki.OperationException

getCert

public org.xipki.security.X509Cert getCert(org.bouncycastle.asn1.x500.X500Name subjectName,
                                           String transactionId)
                                    throws org.xipki.pki.OperationException

Returns the certificate satisfying the given search criteria.

Parameters:

subjectName - Subject of the certificate.

transactionId - transactionId.

Returns:

the certificate satisfying the given search criteria

Throws:

org.xipki.pki.OperationException - if error occurs.

getCertWithRevocationInfo

public org.xipki.ca.api.mgmt.CertWithRevocationInfo getCertWithRevocationInfo(BigInteger serialNumber)
                                                                       throws org.xipki.pki.OperationException

Throws:

org.xipki.pki.OperationException

getCertWithRevocationInfoBySubject

public org.xipki.ca.api.mgmt.CertWithRevocationInfo getCertWithRevocationInfoBySubject(org.bouncycastle.asn1.x500.X500Name subject,
                                                                                       byte[] san)
                                                                                throws org.xipki.pki.OperationException

Throws:

org.xipki.pki.OperationException

listCerts

public List<org.xipki.ca.api.mgmt.CertListInfo> listCerts(org.bouncycastle.asn1.x500.X500Name subjectPattern,
                                                          Instant validFrom,
                                                          Instant validTo,
                                                          org.xipki.ca.api.mgmt.CertListOrderBy orderBy,
                                                          int numEntries)
                                                   throws org.xipki.pki.OperationException

Throws:

org.xipki.pki.OperationException

getCurrentCrl

public org.bouncycastle.cert.X509CRLHolder getCurrentCrl(org.xipki.ca.api.mgmt.RequestorInfo requestor)
                                                  throws org.xipki.pki.OperationException

Throws:

org.xipki.pki.OperationException

getCrl

public org.bouncycastle.cert.X509CRLHolder getCrl(org.xipki.ca.api.mgmt.RequestorInfo requestor,
                                                  BigInteger crlNumber)
                                           throws org.xipki.pki.OperationException

Throws:

org.xipki.pki.OperationException

generateCrlOnDemand

public org.bouncycastle.cert.X509CRLHolder generateCrlOnDemand(org.xipki.ca.api.mgmt.RequestorInfo requestor)
                                                        throws org.xipki.pki.OperationException

Throws:

org.xipki.pki.OperationException

republishCerts

public boolean republishCerts(List<String> publisherNames,
                              int numThreads)

revokeCert

public org.xipki.ca.api.mgmt.CertWithRevocationInfo revokeCert(org.xipki.ca.api.mgmt.RequestorInfo requestor,
                                                               BigInteger serialNumber,
                                                               org.xipki.security.CrlReason reason,
                                                               Instant invalidityTime)
                                                        throws org.xipki.pki.OperationException

Throws:

org.xipki.pki.OperationException

unsuspendCert

public org.xipki.ca.api.CertWithDbId unsuspendCert(org.xipki.ca.api.mgmt.RequestorInfo requestor,
                                                   BigInteger serialNumber)
                                            throws org.xipki.pki.OperationException

Throws:

org.xipki.pki.OperationException

removeCert

public org.xipki.ca.api.CertWithDbId removeCert(org.xipki.ca.api.mgmt.RequestorInfo requestor,
                                                BigInteger serialNumber)
                                         throws org.xipki.pki.OperationException

Throws:

org.xipki.pki.OperationException

revokeCa

public void revokeCa(org.xipki.ca.api.mgmt.RequestorInfo requestor,
                     org.xipki.security.CertRevocationInfo revocationInfo)
              throws org.xipki.pki.OperationException

Throws:

org.xipki.pki.OperationException

unrevokeCa

public void unrevokeCa(org.xipki.ca.api.mgmt.RequestorInfo requestor)
                throws org.xipki.pki.OperationException

Throws:

org.xipki.pki.OperationException

generateCerts

public List<org.xipki.ca.api.CertificateInfo> generateCerts(org.xipki.ca.api.mgmt.RequestorInfo requestor,
                                                            List<CertTemplateData> certTemplates,
                                                            String transactionId)
                                                     throws org.xipki.pki.OperationException

Throws:

org.xipki.pki.OperationException

generateCert

public org.xipki.ca.api.CertificateInfo generateCert(org.xipki.ca.api.mgmt.RequestorInfo requestor,
                                                     CertTemplateData certTemplate,
                                                     String transactionId)
                                              throws org.xipki.pki.OperationException

Throws:

org.xipki.pki.OperationException

getX509Certprofile

public IdentifiedCertprofile getX509Certprofile(String certprofileName)

getRequestor

public org.xipki.ca.api.mgmt.RequestorInfo.CertRequestorInfo getRequestor(org.xipki.security.X509Cert requestorCert)

healthy

public boolean healthy()

getHexSha1OfCert

public String getHexSha1OfCert()

close

public void close()

Specified by:

close in interface AutoCloseable

Specified by:

close in interface Closeable