Class BasicCAService
java.lang.Object
se.swedenconnect.ca.engine.ca.issuer.impl.AbstractCAService<se.swedenconnect.ca.engine.ca.models.cert.impl.DefaultCertificateModelBuilder>
se.swedenconnect.signservice.certificate.simple.ca.BasicCAService
- All Implemented Interfaces:
se.swedenconnect.ca.engine.ca.issuer.CAService
public class BasicCAService
extends se.swedenconnect.ca.engine.ca.issuer.impl.AbstractCAService<se.swedenconnect.ca.engine.ca.models.cert.impl.DefaultCertificateModelBuilder>
Basic CA service implementation equipped to issue certificates to signers.
-
Constructor Summary
ConstructorDescriptionBasicCAService
(PkiCredential caCredential, se.swedenconnect.ca.engine.ca.repository.CARepository caRepository, se.swedenconnect.ca.engine.ca.issuer.CertificateIssuerModel issuerModel, se.swedenconnect.ca.engine.revocation.crl.CRLIssuerModel crlIssuerModel) Constructor. -
Method Summary
Modifier and TypeMethodDescriptionprotected se.swedenconnect.ca.engine.ca.models.cert.impl.DefaultCertificateModelBuilder
getBaseCertificateModelBuilder
(se.swedenconnect.ca.engine.ca.models.cert.CertNameModel<?> subject, PublicKey subjectPublicKey, org.bouncycastle.cert.X509CertificateHolder issuerCertificate, se.swedenconnect.ca.engine.ca.issuer.CertificateIssuerModel certificateIssuerModel) se.swedenconnect.ca.engine.ca.issuer.CertificateIssuer
protected se.swedenconnect.ca.engine.revocation.crl.CRLIssuer
se.swedenconnect.ca.engine.revocation.ocsp.OCSPResponder
org.bouncycastle.cert.X509CertificateHolder
void
setOcspResponder
(se.swedenconnect.ca.engine.revocation.ocsp.OCSPResponder ocspResponder, String ocspResponderUrl, X509Certificate ocspResponderCertificate) Assigns the OCSP responder for this CA service.void
setProfileConfiguration
(CertificateProfileConfiguration profileConfiguration) Assigns the certificate profile to be adopted in issued certificates.Methods inherited from class se.swedenconnect.ca.engine.ca.issuer.impl.AbstractCAService
getCaCertificate, getCACertificateChain, getCaRepository, getCertificateModelBuilder, getCurrentCrl, issueCertificate, publishNewCrl, revokeCertificate, revokeCertificate
-
Constructor Details
-
BasicCAService
public BasicCAService(@Nonnull PkiCredential caCredential, @Nonnull se.swedenconnect.ca.engine.ca.repository.CARepository caRepository, @Nonnull se.swedenconnect.ca.engine.ca.issuer.CertificateIssuerModel issuerModel, @Nullable se.swedenconnect.ca.engine.revocation.crl.CRLIssuerModel crlIssuerModel) throws NoSuchAlgorithmException, CertificateException, CRLException Constructor.- Parameters:
caCredential
- the CA credential (private key and certificates)caRepository
- repository for storing issued certificatesissuerModel
- model for issuing certificatescrlIssuerModel
- model for publishing CRL:s (optional)- Throws:
NoSuchAlgorithmException
- algorithm is not supportedCertificateException
- for certificate errorsCRLException
- if a CRL cannot be published
-
-
Method Details
-
getCertificateIssuer
@Nonnull public se.swedenconnect.ca.engine.ca.issuer.CertificateIssuer getCertificateIssuer()- Specified by:
getCertificateIssuer
in classse.swedenconnect.ca.engine.ca.issuer.impl.AbstractCAService<se.swedenconnect.ca.engine.ca.models.cert.impl.DefaultCertificateModelBuilder>
-
getCrlIssuer
@Nullable protected se.swedenconnect.ca.engine.revocation.crl.CRLIssuer getCrlIssuer()- Specified by:
getCrlIssuer
in classse.swedenconnect.ca.engine.ca.issuer.impl.AbstractCAService<se.swedenconnect.ca.engine.ca.models.cert.impl.DefaultCertificateModelBuilder>
-
getCaAlgorithm
-
getCrlDpURLs
-
getOCSPResponderCertificate
@Nullable public org.bouncycastle.cert.X509CertificateHolder getOCSPResponderCertificate() -
getOCSPResponderURL
-
getOCSPResponder
@Nullable public se.swedenconnect.ca.engine.revocation.ocsp.OCSPResponder getOCSPResponder()- Specified by:
getOCSPResponder
in interfacese.swedenconnect.ca.engine.ca.issuer.CAService
- Specified by:
getOCSPResponder
in classse.swedenconnect.ca.engine.ca.issuer.impl.AbstractCAService<se.swedenconnect.ca.engine.ca.models.cert.impl.DefaultCertificateModelBuilder>
-
setOcspResponder
public void setOcspResponder(@Nonnull se.swedenconnect.ca.engine.revocation.ocsp.OCSPResponder ocspResponder, @Nonnull String ocspResponderUrl, @Nonnull X509Certificate ocspResponderCertificate) Assigns the OCSP responder for this CA service.- Parameters:
ocspResponder
- the OCSP responder implementationocspResponderUrl
- the URL for sending requests to the OCSP responderocspResponderCertificate
- the OCSP responder certificate
-
getBaseCertificateModelBuilder
protected se.swedenconnect.ca.engine.ca.models.cert.impl.DefaultCertificateModelBuilder getBaseCertificateModelBuilder(@Nonnull se.swedenconnect.ca.engine.ca.models.cert.CertNameModel<?> subject, @Nonnull PublicKey subjectPublicKey, @Nullable org.bouncycastle.cert.X509CertificateHolder issuerCertificate, @Nonnull se.swedenconnect.ca.engine.ca.issuer.CertificateIssuerModel certificateIssuerModel) throws se.swedenconnect.ca.engine.ca.issuer.CertificateIssuanceException - Specified by:
getBaseCertificateModelBuilder
in classse.swedenconnect.ca.engine.ca.issuer.impl.AbstractCAService<se.swedenconnect.ca.engine.ca.models.cert.impl.DefaultCertificateModelBuilder>
- Throws:
se.swedenconnect.ca.engine.ca.issuer.CertificateIssuanceException
-
setProfileConfiguration
Assigns the certificate profile to be adopted in issued certificates.- Parameters:
profileConfiguration
- certificate profile configuration
-