public interface CertService
The interfaces provided by this service are intended to abstract low-level generic certificate operations like PKI key and certificate generation, CSR (Certificate Signing Request) signing with the root certificate, retrieving the certificates from the keystore in a generic way, and also providing CRLs (Certificate Revocation Lists).
The bulk of this functionality is provided via the initializeUser(..) method used to generate a fully initialized certificate enclosed in a secured keystore.
Modifier and Type | Method and Description |
---|---|
X509Certificate |
getCertificate(KeyStore keystore,
String certificateAlias)
Retrieves an existing certificate from a keystore using keystore's certificate alias.
|
String |
getCertificateEmail(X509Certificate certificate)
Extracts the email address from a certificate
|
KeyPair |
getKeyPair(KeyStore ks,
String keyAlias,
String certificateAlias,
String keyPassword)
Retrieves existing private and public key from a KeyStore.
|
KeyStore |
getKeyStore(InputStream keystoreIS,
String password)
Retrieves a KeyStore object from a supplied InputStream.
|
X509Certificate |
getRootCertificate()
Retrieves the root certificate.
|
KeyStore |
initializeUser(UserInfo userInfo,
String keyPassword)
Generates a private key and a public certificate for a user whose X.509 field information was enclosed in a
UserInfo parameter.
|
void |
setRootService(RootService rootService)
Sets up a root service to be used for CA-related services like certificate request signing and certificate
revocation.
|
void |
storeCertificate(KeyStore keystore,
OutputStream os,
String keystorePassword)
Wraps a certificate object into an OutputStream object secured by a keystore password
|
X509Certificate getRootCertificate() throws CertException
CertException
void setRootService(RootService rootService) throws CertException
keystore
- CertException
KeyStore getKeyStore(InputStream keystoreIS, String password) throws CertException
userId
- CertException
KeyPair getKeyPair(KeyStore ks, String keyAlias, String certificateAlias, String keyPassword) throws CertException
userId
- CertException
X509Certificate getCertificate(KeyStore keystore, String certificateAlias) throws CertException
userId
- CertException
KeyStore initializeUser(UserInfo userInfo, String keyPassword) throws CertException
userId
- CertException
void storeCertificate(KeyStore keystore, OutputStream os, String keystorePassword) throws CertException
keystore
- os
- keystorePassword
- CertException
String getCertificateEmail(X509Certificate certificate) throws CertException
certificate
- CertException
Copyright © 2015 Nuxeo SA. All rights reserved.