Class BasicCAService
java.lang.Object
se.swedenconnect.ca.engine.ca.issuer.impl.AbstractCAService<se.swedenconnect.ca.engine.ca.models.cert.impl.DefaultCertificateModelBuilder>
se.swedenconnect.signservice.certificate.simple.ca.BasicCAService
- All Implemented Interfaces:
se.swedenconnect.ca.engine.ca.issuer.CAService
public class BasicCAService
extends se.swedenconnect.ca.engine.ca.issuer.impl.AbstractCAService<se.swedenconnect.ca.engine.ca.models.cert.impl.DefaultCertificateModelBuilder>
Basic CA service implementation equipped to issue certificates to signers.
-
Constructor Summary
ConstructorsConstructorDescriptionBasicCAService(PkiCredential caCredential, se.swedenconnect.ca.engine.ca.repository.CARepository caRepository, se.swedenconnect.ca.engine.ca.issuer.CertificateIssuerModel issuerModel, se.swedenconnect.ca.engine.revocation.crl.CRLIssuerModel crlIssuerModel) Constructor. -
Method Summary
Modifier and TypeMethodDescriptionprotected se.swedenconnect.ca.engine.ca.models.cert.impl.DefaultCertificateModelBuildergetBaseCertificateModelBuilder(se.swedenconnect.ca.engine.ca.models.cert.CertNameModel<?> subject, PublicKey subjectPublicKey, org.bouncycastle.cert.X509CertificateHolder issuerCertificate, se.swedenconnect.ca.engine.ca.issuer.CertificateIssuerModel certificateIssuerModel) se.swedenconnect.ca.engine.ca.issuer.CertificateIssuerprotected se.swedenconnect.ca.engine.revocation.crl.CRLIssuerse.swedenconnect.ca.engine.revocation.ocsp.OCSPResponderorg.bouncycastle.cert.X509CertificateHoldervoidsetOcspResponder(se.swedenconnect.ca.engine.revocation.ocsp.OCSPResponder ocspResponder, String ocspResponderUrl, X509Certificate ocspResponderCertificate) Assigns the OCSP responder for this CA service.voidsetProfileConfiguration(CertificateProfileConfiguration profileConfiguration) Assigns the certificate profile to be adopted in issued certificates.Methods inherited from class se.swedenconnect.ca.engine.ca.issuer.impl.AbstractCAService
getCaCertificate, getCACertificateChain, getCaRepository, getCertificateModelBuilder, getCurrentCrl, issueCertificate, publishNewCrl, revokeCertificate, revokeCertificate
-
Constructor Details
-
BasicCAService
public BasicCAService(@Nonnull PkiCredential caCredential, @Nonnull se.swedenconnect.ca.engine.ca.repository.CARepository caRepository, @Nonnull se.swedenconnect.ca.engine.ca.issuer.CertificateIssuerModel issuerModel, @Nullable se.swedenconnect.ca.engine.revocation.crl.CRLIssuerModel crlIssuerModel) throws NoSuchAlgorithmException, CertificateException, CRLException Constructor.- Parameters:
caCredential- the CA credential (private key and certificates)caRepository- repository for storing issued certificatesissuerModel- model for issuing certificatescrlIssuerModel- model for publishing CRL:s (optional)- Throws:
NoSuchAlgorithmException- algorithm is not supportedCertificateException- for certificate errorsCRLException- if a CRL cannot be published
-
-
Method Details
-
getCertificateIssuer
@Nonnull public se.swedenconnect.ca.engine.ca.issuer.CertificateIssuer getCertificateIssuer()- Specified by:
getCertificateIssuerin classse.swedenconnect.ca.engine.ca.issuer.impl.AbstractCAService<se.swedenconnect.ca.engine.ca.models.cert.impl.DefaultCertificateModelBuilder>
-
getCrlIssuer
@Nullable protected se.swedenconnect.ca.engine.revocation.crl.CRLIssuer getCrlIssuer()- Specified by:
getCrlIssuerin classse.swedenconnect.ca.engine.ca.issuer.impl.AbstractCAService<se.swedenconnect.ca.engine.ca.models.cert.impl.DefaultCertificateModelBuilder>
-
getCaAlgorithm
-
getCrlDpURLs
-
getOCSPResponderCertificate
@Nullable public org.bouncycastle.cert.X509CertificateHolder getOCSPResponderCertificate() -
getOCSPResponderURL
-
getOCSPResponder
@Nullable public se.swedenconnect.ca.engine.revocation.ocsp.OCSPResponder getOCSPResponder()- Specified by:
getOCSPResponderin interfacese.swedenconnect.ca.engine.ca.issuer.CAService- Specified by:
getOCSPResponderin classse.swedenconnect.ca.engine.ca.issuer.impl.AbstractCAService<se.swedenconnect.ca.engine.ca.models.cert.impl.DefaultCertificateModelBuilder>
-
setOcspResponder
public void setOcspResponder(@Nonnull se.swedenconnect.ca.engine.revocation.ocsp.OCSPResponder ocspResponder, @Nonnull String ocspResponderUrl, @Nonnull X509Certificate ocspResponderCertificate) Assigns the OCSP responder for this CA service.- Parameters:
ocspResponder- the OCSP responder implementationocspResponderUrl- the URL for sending requests to the OCSP responderocspResponderCertificate- the OCSP responder certificate
-
getBaseCertificateModelBuilder
protected se.swedenconnect.ca.engine.ca.models.cert.impl.DefaultCertificateModelBuilder getBaseCertificateModelBuilder(@Nonnull se.swedenconnect.ca.engine.ca.models.cert.CertNameModel<?> subject, @Nonnull PublicKey subjectPublicKey, @Nullable org.bouncycastle.cert.X509CertificateHolder issuerCertificate, @Nonnull se.swedenconnect.ca.engine.ca.issuer.CertificateIssuerModel certificateIssuerModel) throws se.swedenconnect.ca.engine.ca.issuer.CertificateIssuanceException - Specified by:
getBaseCertificateModelBuilderin classse.swedenconnect.ca.engine.ca.issuer.impl.AbstractCAService<se.swedenconnect.ca.engine.ca.models.cert.impl.DefaultCertificateModelBuilder>- Throws:
se.swedenconnect.ca.engine.ca.issuer.CertificateIssuanceException
-
setProfileConfiguration
Assigns the certificate profile to be adopted in issued certificates.- Parameters:
profileConfiguration- certificate profile configuration
-