Package com.netscape.cmscore.dbs
Class CertificateRepository
- java.lang.Object
-
- com.netscape.cmscore.dbs.Repository
-
- com.netscape.cmscore.dbs.CertificateRepository
-
- All Implemented Interfaces:
com.netscape.certsrv.dbs.certdb.ICertificateRepository
,com.netscape.certsrv.dbs.repository.IRepository
public class CertificateRepository extends Repository implements com.netscape.certsrv.dbs.certdb.ICertificateRepository
A class represents a certificate repository. It stores all the issued certificate.- Version:
- $Revision$, $Date$
- Author:
- thomask, kanda
-
-
Field Summary
Fields Modifier and Type Field Description java.lang.String
CERT_X509ATTRIBUTE
com.netscape.cmscore.dbs.CertStatusUpdateTask
certStatusUpdateTask
static org.slf4j.Logger
logger
static java.lang.String
PROP_CERT_BASE_DN
static java.lang.String
PROP_INCREMENT
static java.lang.String
PROP_TRANS_MAXRECORDS
static java.lang.String
PROP_TRANS_PAGESIZE
com.netscape.cmscore.dbs.RetrieveModificationsTask
retrieveModificationsTask
com.netscape.cmscore.dbs.SerialNumberUpdateTask
serialNumberUpdateTask
-
Fields inherited from class com.netscape.cmscore.dbs.Repository
mCounter, mEnableRandomSerialNumbers, mMaxSerialNo, mMinSerialNo, PROP_BASE_DN
-
-
Constructor Summary
Constructors Constructor Description CertificateRepository(DBSubsystem dbSubsystem, java.lang.String certRepoBaseDN, int increment, java.lang.String baseDN)
Constructs a certificate repository.
-
Method Summary
All Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description void
addCertificateRecord(com.netscape.certsrv.dbs.certdb.ICertRecord record)
Adds a certificate record to the repository.void
addCRLIssuingPoint(java.lang.String id, ICRLIssuingPoint crlIssuingPoint)
register CRL Issuing Pointvoid
addRevokedCertRecord(CertRecord record)
Used by the Clone Master (CLA) to add a revoked certificate record to the repository.boolean
checkCertificateRecord(java.math.BigInteger serialNo)
boolean
containsCertificate(java.math.BigInteger serialNo)
Checks if the specified certificate is in the repository.com.netscape.certsrv.dbs.certdb.ICertRecord
createCertRecord(java.math.BigInteger id, java.security.cert.Certificate cert, MetaInfo meta)
Creates certificate record.void
deleteCertificateRecord(java.math.BigInteger serialNo)
Deletes certificate record.java.util.Enumeration<org.mozilla.jss.netscape.security.x509.X509CertImpl>
findCertificates(java.lang.String filter)
Finds all certificates given a filter.java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord>
findCertRecords(java.lang.String filter)
Finds a list of certificate records that satisifies the filter.com.netscape.certsrv.dbs.certdb.ICertRecordList
findCertRecordsInList(java.lang.String filter, java.lang.String[] attrs, int pageSize)
Finds certificate records.com.netscape.certsrv.dbs.certdb.ICertRecordList
findCertRecordsInList(java.lang.String filter, java.lang.String[] attrs, java.lang.String jumpTo, boolean hardJumpTo, java.lang.String sortKey, int pageSize)
com.netscape.certsrv.dbs.certdb.ICertRecordList
findCertRecordsInList(java.lang.String filter, java.lang.String[] attrs, java.lang.String sortKey, int pageSize)
Finds a list of certificate records that satisifies the filter.com.netscape.certsrv.dbs.certdb.ICertRecordList
findCertRecordsInList(java.lang.String filter, java.lang.String[] attrs, java.lang.String jumpTo, java.lang.String sortKey, int pageSize)
Finds a list of certificate records that satisifies the filter.com.netscape.certsrv.dbs.certdb.ICertRecordList
findCertRecordsInListRawJumpto(java.lang.String filter, java.lang.String[] attrs, java.lang.String jumpTo, java.lang.String sortKey, int pageSize)
Finds a list of certificate records that satisifies the filter.java.util.Enumeration<java.lang.Object>
findCertRecs(java.lang.String filter)
Deprecated.replaced byfindCertificatesInList
java.util.Enumeration<java.lang.Object>
findCertRecs(java.lang.String filter, java.lang.String[] attrs)
java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord>
getAllExpiredCertificates()
Retrives all expired certificates.java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord>
getAllExpiredPublishedCertificates()
Retrives all expired publishedcertificates.java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord>
getAllRevokedCertificates()
Retrives all revoked certificates including ones already expired or not yet valid.java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord>
getAllRevokedNonExpiredCertificates()
Retrives all revoked certificates excluing ones already expired.java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord>
getAllRevokedPublishedCertificates()
Retrives all revoked published certificates including ones already expired or not yet valid.java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord>
getAllValidCertificates()
Retrives all valid certificates excluding ones already revoked.java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord>
getAllValidNotPublishedCertificates()
Retrives all valid not published certificates excluding ones already revoked.DBSubsystem
getDBSubsystem()
Retrieves backend database handle.java.lang.String
getDN()
Retrieves DN of this repository.boolean
getEnableRandomSerialNumbers()
Retrieves serial number management mode.java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord>
getExpiredCertificates(java.lang.String from, java.lang.String to)
Retrives all expired certificates.java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord>
getExpiredPublishedCertificates(java.lang.String from, java.lang.String to)
Retrives all expired published certificates.com.netscape.certsrv.dbs.certdb.ICertRecordList
getInvalidCertsByNotBeforeDate(java.util.Date date, int pageSize)
Gets Invalid certs orderes by noAfter date, jumps to records where notAfter date is greater than current.java.math.BigInteger
getLastSerialNumberInRange(java.math.BigInteger serial_low_bound, java.math.BigInteger serial_upper_bound)
void
getModifications(netscape.ldap.LDAPEntry entry)
Retrieves modified certificate records.java.math.BigInteger
getNextSerialNumber()
Retrieves the next serial number, and also increase the serial number by one.java.util.Hashtable<java.lang.String,com.netscape.certsrv.dbs.certdb.RenewableCertificateCollection>
getRenewableCertificates(java.lang.String renewalTime)
Retrieves renewable certificates.java.lang.String
getRequestDN()
java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord>
getRevokedCertificates(java.lang.String from, java.lang.String to)
Retrieves all revoked certificates in the serial number range.java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord>
getRevokedCertificates(java.util.Date asOfDate)
Retrieves all revoked certificates that have not expired.com.netscape.certsrv.dbs.certdb.ICertRecordList
getRevokedCertsByNotAfterDate(java.util.Date date, int pageSize)
Gets Revoked certs orderes by noAfter date, jumps to records where notAfter date is greater than current.java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord>
getRevokedPublishedCertificates(java.lang.String from, java.lang.String to)
Retrieves all revoked publishedcertificates in the serial number range.java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord>
getValidCertificates(java.lang.String from, java.lang.String to)
Retrives all valid certificates excluding ones already revoked.com.netscape.certsrv.dbs.certdb.ICertRecordList
getValidCertsByNotAfterDate(java.util.Date date, int pageSize)
Gets valid certs orderes by noAfter date, jumps to records where notAfter date is greater than current.java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord>
getValidNotPublishedCertificates(java.lang.String from, java.lang.String to)
Retrives all valid not published certificates excluding ones already revoked.org.mozilla.jss.netscape.security.x509.X509CertImpl
getX509Certificate(java.math.BigInteger serialNo)
Reads the certificate identified by the given serial no.org.mozilla.jss.netscape.security.x509.X509CertImpl[]
getX509Certificates(java.lang.String filter)
org.mozilla.jss.netscape.security.x509.X509CertImpl[]
getX509Certificates(java.lang.String subjectDN, int validityType)
Gets all valid and unexpired certificates pertaining to a subject DN.RevocationInfo
isCertificateRevoked(org.mozilla.jss.netscape.security.x509.X509CertImpl cert)
Checks if the presented certificate belongs to the repository and is revoked.void
markAsRevoked(java.math.BigInteger id, com.netscape.certsrv.dbs.certdb.IRevocationInfo info)
Marks certificate as revoked.void
markAsRevoked(java.math.BigInteger id, com.netscape.certsrv.dbs.certdb.IRevocationInfo info, boolean isAlreadyRevoked)
Marks certificate as revoked.void
markCertificateAsNotRenewable(com.netscape.certsrv.dbs.certdb.ICertRecord record)
Marks certificate as renewable.void
markCertificateAsRenewable(com.netscape.certsrv.dbs.certdb.ICertRecord record)
Marks certificate as renewable.void
markCertificateAsRenewalNotified(java.lang.String serialNo)
Marks certificate as renewed and notified.void
markCertificateAsRenewed(java.lang.String serialNo)
Marks certificate as renewed.void
modifyCertificateRecord(java.math.BigInteger serialNo, com.netscape.certsrv.dbs.ModificationSet mods)
Modifies certificate record.com.netscape.certsrv.dbs.certdb.ICertRecord
readCertificateRecord(java.math.BigInteger serialNo)
Reads certificate from repository.void
removeCertRecords(java.math.BigInteger beginS, java.math.BigInteger endS)
Removes all objects with this repository.java.util.Enumeration<java.lang.Object>
searchCertificates(java.lang.String filter, int maxSize)
Finds a list of certificate records that satisifies the filter.java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord>
searchCertificates(java.lang.String filter, int maxSize, int timeLimit)
Finds a list of certificate records that satisifies the filter.java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord>
searchCertificates(java.lang.String filter, int maxSize, int timeLimit, java.lang.String sortAttribute)
Finds a list of certificate records that satisifies the filter.java.util.Enumeration<java.lang.Object>
searchCertificates(java.lang.String filter, int maxSize, java.lang.String sortAttribute)
Finds a list of certificate records that satisifies the filter.void
setCertStatusUpdateInterval(com.netscape.certsrv.dbs.repository.IRepository requestRepository, int interval, boolean listenToCloneModifications)
interval value: (in seconds) 0 - disable >0 - enablevoid
setConsistencyCheck(boolean ConsistencyCheck)
void
setEnableRandomSerialNumbers(boolean random, boolean updateMode, boolean forceModeChange)
Sets serial number management mode for certificates..void
setRequestDN(java.lang.String requestDN)
void
setSerialNumberUpdateInterval(com.netscape.certsrv.dbs.repository.IRepository requestRepository, int interval)
interval value: (in seconds) 0 - disable >0 - enablevoid
setSkipIfInConsistent(boolean SkipIfInconsistent)
void
setTransitMaxRecords(int max)
void
setTransitRecordPageSize(int size)
void
shutdown()
void
transitInvalidCertificates()
This transits a certificate status from INVALID to VALID if a certificate becomes valid.void
transitRevokedExpiredCertificates()
This transits a certificate status from REVOKED to REVOKED_EXPIRED if an revoked certificate becomes expired.void
transitValidCertificates()
This transits a certificate status from VALID to EXPIRED if a certificate becomes expired.void
unmarkRevoked(java.math.BigInteger id, com.netscape.certsrv.dbs.certdb.IRevocationInfo info, java.util.Date revokedOn, java.lang.String revokedBy)
Unmarks revoked certificate.void
updateCertStatus()
Updates certificate status now.void
updateCounter()
void
updateStatus(java.math.BigInteger id, java.lang.String status)
Updates the certificiate record status to the specified.-
Methods inherited from class com.netscape.cmscore.dbs.Repository
checkRange, checkRanges, getMaxSerial, getMinSerial, getNextMaxSerial, getSerialNumber, initCacheIfNeeded, peekNextSerialNumber, resetSerialNumber, setEnableSerialMgmt, setLastSerialNo, setMaxSerial, setNextMaxSerial, setSerialNumber, setTheSerialNumber
-
-
-
-
Field Detail
-
logger
public static org.slf4j.Logger logger
-
PROP_INCREMENT
public static final java.lang.String PROP_INCREMENT
- See Also:
- Constant Field Values
-
PROP_CERT_BASE_DN
public static final java.lang.String PROP_CERT_BASE_DN
- See Also:
- Constant Field Values
-
PROP_TRANS_MAXRECORDS
public static final java.lang.String PROP_TRANS_MAXRECORDS
- See Also:
- Constant Field Values
-
PROP_TRANS_PAGESIZE
public static final java.lang.String PROP_TRANS_PAGESIZE
- See Also:
- Constant Field Values
-
CERT_X509ATTRIBUTE
public final java.lang.String CERT_X509ATTRIBUTE
- See Also:
- Constant Field Values
-
certStatusUpdateTask
public com.netscape.cmscore.dbs.CertStatusUpdateTask certStatusUpdateTask
-
retrieveModificationsTask
public com.netscape.cmscore.dbs.RetrieveModificationsTask retrieveModificationsTask
-
serialNumberUpdateTask
public com.netscape.cmscore.dbs.SerialNumberUpdateTask serialNumberUpdateTask
-
-
Constructor Detail
-
CertificateRepository
public CertificateRepository(DBSubsystem dbSubsystem, java.lang.String certRepoBaseDN, int increment, java.lang.String baseDN) throws com.netscape.certsrv.dbs.EDBException
Constructs a certificate repository.- Throws:
com.netscape.certsrv.dbs.EDBException
-
-
Method Detail
-
createCertRecord
public com.netscape.certsrv.dbs.certdb.ICertRecord createCertRecord(java.math.BigInteger id, java.security.cert.Certificate cert, MetaInfo meta)
Description copied from interface:com.netscape.certsrv.dbs.certdb.ICertificateRepository
Creates certificate record.- Specified by:
createCertRecord
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
id
- serial numbercert
- certificatemeta
- meta information- Returns:
- certificate record
-
getEnableRandomSerialNumbers
public boolean getEnableRandomSerialNumbers()
Description copied from interface:com.netscape.certsrv.dbs.certdb.ICertificateRepository
Retrieves serial number management mode.- Specified by:
getEnableRandomSerialNumbers
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Returns:
- serial number management mode, "true" indicates random serial number management, "false" indicates sequential serial number management.
-
setEnableRandomSerialNumbers
public void setEnableRandomSerialNumbers(boolean random, boolean updateMode, boolean forceModeChange)
Description copied from interface:com.netscape.certsrv.dbs.certdb.ICertificateRepository
Sets serial number management mode for certificates..- Specified by:
setEnableRandomSerialNumbers
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
random
- "true" sets random serial number management, "false" sequentialupdateMode
- "true" updates "description" attribute in certificate repositoryforceModeChange
- "true" forces certificate repository mode change
-
getNextSerialNumber
public java.math.BigInteger getNextSerialNumber() throws EBaseException
Description copied from class:Repository
Retrieves the next serial number, and also increase the serial number by one.- Specified by:
getNextSerialNumber
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Specified by:
getNextSerialNumber
in interfacecom.netscape.certsrv.dbs.repository.IRepository
- Overrides:
getNextSerialNumber
in classRepository
- Returns:
- serial number
- Throws:
EBaseException
- failed to retrieve next serial number
-
updateCounter
public void updateCounter()
-
getLastSerialNumberInRange
public java.math.BigInteger getLastSerialNumberInRange(java.math.BigInteger serial_low_bound, java.math.BigInteger serial_upper_bound) throws EBaseException
- Specified by:
getLastSerialNumberInRange
in classRepository
- Throws:
EBaseException
-
removeCertRecords
public void removeCertRecords(java.math.BigInteger beginS, java.math.BigInteger endS) throws EBaseException
Removes all objects with this repository.- Specified by:
removeCertRecords
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
beginS
- BigInteger with radix 16endS
- BigInteger with radix 16- Throws:
EBaseException
-
setConsistencyCheck
public void setConsistencyCheck(boolean ConsistencyCheck)
-
setSkipIfInConsistent
public void setSkipIfInConsistent(boolean SkipIfInconsistent)
-
setTransitMaxRecords
public void setTransitMaxRecords(int max)
-
setTransitRecordPageSize
public void setTransitRecordPageSize(int size)
-
addCRLIssuingPoint
public void addCRLIssuingPoint(java.lang.String id, ICRLIssuingPoint crlIssuingPoint)
register CRL Issuing Point
-
setCertStatusUpdateInterval
public void setCertStatusUpdateInterval(com.netscape.certsrv.dbs.repository.IRepository requestRepository, int interval, boolean listenToCloneModifications)
interval value: (in seconds) 0 - disable >0 - enable- Specified by:
setCertStatusUpdateInterval
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
requestRepository
- request repositoryinterval
- update intervallistenToCloneModifications
- enable listening to clone modifications
-
setSerialNumberUpdateInterval
public void setSerialNumberUpdateInterval(com.netscape.certsrv.dbs.repository.IRepository requestRepository, int interval)
interval value: (in seconds) 0 - disable >0 - enable
-
updateCertStatus
public void updateCertStatus() throws EBaseException
Description copied from interface:com.netscape.certsrv.dbs.certdb.ICertificateRepository
Updates certificate status now. This is a blocking method.- Specified by:
updateCertStatus
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Throws:
EBaseException
- failed to update
-
getDN
public java.lang.String getDN()
Retrieves DN of this repository.
-
setRequestDN
public void setRequestDN(java.lang.String requestDN)
-
getRequestDN
public java.lang.String getRequestDN()
-
getDBSubsystem
public DBSubsystem getDBSubsystem()
Retrieves backend database handle.
-
addCertificateRecord
public void addCertificateRecord(com.netscape.certsrv.dbs.certdb.ICertRecord record) throws EBaseException
Adds a certificate record to the repository. Each certificate record contains four parts: certificate, meta-attributes, issue information and reovcation information.- Specified by:
addCertificateRecord
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
cert
- X.509 certificate- Throws:
EBaseException
- failed to add new certificate to the repository
-
addRevokedCertRecord
public void addRevokedCertRecord(CertRecord record) throws EBaseException
Used by the Clone Master (CLA) to add a revoked certificate record to the repository.- Parameters:
record
- a CertRecord- Throws:
EBaseException
- failed to add new certificate to the repository
-
transitValidCertificates
public void transitValidCertificates() throws EBaseException
This transits a certificate status from VALID to EXPIRED if a certificate becomes expired.- Throws:
EBaseException
-
transitRevokedExpiredCertificates
public void transitRevokedExpiredCertificates() throws EBaseException
This transits a certificate status from REVOKED to REVOKED_EXPIRED if an revoked certificate becomes expired.- Throws:
EBaseException
-
transitInvalidCertificates
public void transitInvalidCertificates() throws EBaseException
This transits a certificate status from INVALID to VALID if a certificate becomes valid.- Throws:
EBaseException
-
getX509Certificate
public org.mozilla.jss.netscape.security.x509.X509CertImpl getX509Certificate(java.math.BigInteger serialNo) throws EBaseException
Reads the certificate identified by the given serial no.- Specified by:
getX509Certificate
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
serialNo
- serial number of certificate- Returns:
- certificate
- Throws:
EBaseException
- failed to retrieve certificate
-
deleteCertificateRecord
public void deleteCertificateRecord(java.math.BigInteger serialNo) throws EBaseException
Deletes certificate record.- Specified by:
deleteCertificateRecord
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
serialNo
- serial number of certificate- Throws:
EBaseException
- failed to delete
-
readCertificateRecord
public com.netscape.certsrv.dbs.certdb.ICertRecord readCertificateRecord(java.math.BigInteger serialNo) throws EBaseException
Reads certificate from repository.- Specified by:
readCertificateRecord
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
serialNo
- serial number of certificate- Returns:
- certificate record
- Throws:
EBaseException
- failed to retrieve certificate
-
checkCertificateRecord
public boolean checkCertificateRecord(java.math.BigInteger serialNo) throws EBaseException
- Throws:
EBaseException
-
modifyCertificateRecord
public void modifyCertificateRecord(java.math.BigInteger serialNo, com.netscape.certsrv.dbs.ModificationSet mods) throws EBaseException
Description copied from interface:com.netscape.certsrv.dbs.certdb.ICertificateRepository
Modifies certificate record.- Specified by:
modifyCertificateRecord
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
serialNo
- serial number of recordmods
- modifications- Throws:
EBaseException
- failed to modify
-
containsCertificate
public boolean containsCertificate(java.math.BigInteger serialNo) throws EBaseException
Checks if the specified certificate is in the repository.- Specified by:
containsCertificate
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
serialNo
- serial number of certificate- Returns:
- true if it exists
- Throws:
EBaseException
- failed to check
-
markAsRevoked
public void markAsRevoked(java.math.BigInteger id, com.netscape.certsrv.dbs.certdb.IRevocationInfo info) throws EBaseException
Marks certificate as revoked. isAlreadyRevoked - boolean to indicate that the cert was revoked ( possibly onHold ) When a cert was originally revoked (possibly onHold), some of the ldap attributes already exist, so "MOD_REPLACE" is needed instead of "MOD_ADD"- Specified by:
markAsRevoked
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
id
- serial numberinfo
- revocation information- Throws:
EBaseException
- failed to mark
-
markAsRevoked
public void markAsRevoked(java.math.BigInteger id, com.netscape.certsrv.dbs.certdb.IRevocationInfo info, boolean isAlreadyRevoked) throws EBaseException
Description copied from interface:com.netscape.certsrv.dbs.certdb.ICertificateRepository
Marks certificate as revoked.- Specified by:
markAsRevoked
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
id
- serial numberinfo
- revocation informationisAlreadyRevoked
- boolean to indicate if the cert was revoked onHold- Throws:
EBaseException
- failed to mark
-
unmarkRevoked
public void unmarkRevoked(java.math.BigInteger id, com.netscape.certsrv.dbs.certdb.IRevocationInfo info, java.util.Date revokedOn, java.lang.String revokedBy) throws EBaseException
Unmarks revoked certificate.- Specified by:
unmarkRevoked
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
id
- serial numberinfo
- revocation informationrevokedOn
- revocation daterevokedBy
- userid- Throws:
EBaseException
- failed to unmark
-
updateStatus
public void updateStatus(java.math.BigInteger id, java.lang.String status) throws EBaseException
Updates the certificiate record status to the specified.- Specified by:
updateStatus
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
id
- serial numberstatus
- certificate status- Throws:
EBaseException
- failed to update status
-
searchCertificates
public java.util.Enumeration<java.lang.Object> searchCertificates(java.lang.String filter, int maxSize, java.lang.String sortAttribute) throws EBaseException
Description copied from interface:com.netscape.certsrv.dbs.certdb.ICertificateRepository
Finds a list of certificate records that satisifies the filter.- Specified by:
searchCertificates
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
filter
- search filtermaxSize
- max size to returnsortAttribute
- Attribute of ICertRecord to sort the results- Returns:
- a list of certificates
- Throws:
EBaseException
- failed to search
-
searchCertificates
public java.util.Enumeration<java.lang.Object> searchCertificates(java.lang.String filter, int maxSize) throws EBaseException
Description copied from interface:com.netscape.certsrv.dbs.certdb.ICertificateRepository
Finds a list of certificate records that satisifies the filter. Here is a list of filter attribute can be used:certRecordId certMetaInfo certStatus certCreateTime certModifyTime x509Cert.notBefore x509Cert.notAfter x509Cert.subject
The filter should follow RFC1558 LDAP filter syntax. For example,(&(certRecordId=5)(x509Cert.notBefore=934398398))
- Specified by:
searchCertificates
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
filter
- search filtermaxSize
- max size to return- Returns:
- a list of certificates
- Throws:
EBaseException
- failed to search
-
searchCertificates
public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> searchCertificates(java.lang.String filter, int maxSize, int timeLimit) throws EBaseException
Description copied from interface:com.netscape.certsrv.dbs.certdb.ICertificateRepository
Finds a list of certificate records that satisifies the filter.- Specified by:
searchCertificates
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
filter
- search filtermaxSize
- max size to returntimeLimit
- timeout value- Returns:
- a list of certificates
- Throws:
EBaseException
- failed to search
-
searchCertificates
public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> searchCertificates(java.lang.String filter, int maxSize, int timeLimit, java.lang.String sortAttribute) throws EBaseException
Description copied from interface:com.netscape.certsrv.dbs.certdb.ICertificateRepository
Finds a list of certificate records that satisifies the filter.- Specified by:
searchCertificates
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
filter
- search filtermaxSize
- max size to returntimeLimit
- timeout valuesortAttribute
- Attribute of ICertRecord to sort the results- Returns:
- a list of certificates
- Throws:
EBaseException
- failed to search
-
findCertRecs
public java.util.Enumeration<java.lang.Object> findCertRecs(java.lang.String filter) throws EBaseException
Deprecated.replaced byfindCertificatesInList
Returns a list of X509CertImp that satisfies the filter.- Specified by:
findCertRecs
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
filter
- search filter- Returns:
- a list of certificate records
- Throws:
EBaseException
- failed to retrieve cert records
-
findCertRecs
public java.util.Enumeration<java.lang.Object> findCertRecs(java.lang.String filter, java.lang.String[] attrs) throws EBaseException
- Throws:
EBaseException
-
findCertificates
public java.util.Enumeration<org.mozilla.jss.netscape.security.x509.X509CertImpl> findCertificates(java.lang.String filter) throws EBaseException
Description copied from interface:com.netscape.certsrv.dbs.certdb.ICertificateRepository
Finds all certificates given a filter.- Specified by:
findCertificates
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
filter
- search filter- Returns:
- a list of certificates
- Throws:
EBaseException
- failed to search
-
findCertRecords
public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> findCertRecords(java.lang.String filter) throws EBaseException
Finds a list of certificate records that satisifies the filter. If you are going to process everything in the list, use this.- Specified by:
findCertRecords
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
filter
- search filter- Returns:
- a list of certificates
- Throws:
EBaseException
- failed to search
-
findCertRecordsInList
public com.netscape.certsrv.dbs.certdb.ICertRecordList findCertRecordsInList(java.lang.String filter, java.lang.String[] attrs, int pageSize) throws EBaseException
Finds certificate records. Here is a list of filter attribute can be used:certRecordId certMetaInfo certStatus certCreateTime certModifyTime x509Cert.notBefore x509Cert.notAfter x509Cert.subject
The filter should follow RFC1558 LDAP filter syntax. For example,(&(certRecordId=5)(x509Cert.notBefore=934398398))
- Specified by:
findCertRecordsInList
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
filter
- search filterattrs
- selected attributepageSize
- page size- Returns:
- a list of certificates
- Throws:
EBaseException
- failed to search
-
findCertRecordsInList
public com.netscape.certsrv.dbs.certdb.ICertRecordList findCertRecordsInList(java.lang.String filter, java.lang.String[] attrs, java.lang.String sortKey, int pageSize) throws EBaseException
Description copied from interface:com.netscape.certsrv.dbs.certdb.ICertificateRepository
Finds a list of certificate records that satisifies the filter.- Specified by:
findCertRecordsInList
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
filter
- search filterattrs
- selected attributesortKey
- key to use for sorting the returned elementspageSize
- page size- Returns:
- a list of certificates
- Throws:
EBaseException
- failed to search
-
findCertRecordsInList
public com.netscape.certsrv.dbs.certdb.ICertRecordList findCertRecordsInList(java.lang.String filter, java.lang.String[] attrs, java.lang.String jumpTo, java.lang.String sortKey, int pageSize) throws EBaseException
Description copied from interface:com.netscape.certsrv.dbs.certdb.ICertificateRepository
Finds a list of certificate records that satisifies the filter.- Specified by:
findCertRecordsInList
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
filter
- search filterattrs
- selected attributejumpTo
- jump to indexsortKey
- key to use for sorting the returned elementspageSize
- page size- Returns:
- a list of certificates
- Throws:
EBaseException
- failed to search
-
findCertRecordsInList
public com.netscape.certsrv.dbs.certdb.ICertRecordList findCertRecordsInList(java.lang.String filter, java.lang.String[] attrs, java.lang.String jumpTo, boolean hardJumpTo, java.lang.String sortKey, int pageSize) throws EBaseException
- Specified by:
findCertRecordsInList
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Throws:
EBaseException
-
findCertRecordsInListRawJumpto
public com.netscape.certsrv.dbs.certdb.ICertRecordList findCertRecordsInListRawJumpto(java.lang.String filter, java.lang.String[] attrs, java.lang.String jumpTo, java.lang.String sortKey, int pageSize) throws EBaseException
Description copied from interface:com.netscape.certsrv.dbs.certdb.ICertificateRepository
Finds a list of certificate records that satisifies the filter.- Specified by:
findCertRecordsInListRawJumpto
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
filter
- search filterattrs
- selected attributejumpTo
- jump to indexsortKey
- key to use for sorting the returned elementspageSize
- page size- Returns:
- a list of certificates
- Throws:
EBaseException
- failed to search
-
markCertificateAsRenewable
public void markCertificateAsRenewable(com.netscape.certsrv.dbs.certdb.ICertRecord record) throws EBaseException
Marks certificate as renewable.- Specified by:
markCertificateAsRenewable
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
record
- certificate record to modify- Throws:
EBaseException
- failed to update
-
markCertificateAsNotRenewable
public void markCertificateAsNotRenewable(com.netscape.certsrv.dbs.certdb.ICertRecord record) throws EBaseException
Marks certificate as renewable.- Specified by:
markCertificateAsNotRenewable
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
record
- certificate record to modify- Throws:
EBaseException
- failed to update
-
markCertificateAsRenewed
public void markCertificateAsRenewed(java.lang.String serialNo) throws EBaseException
Description copied from interface:com.netscape.certsrv.dbs.certdb.ICertificateRepository
Marks certificate as renewed.- Specified by:
markCertificateAsRenewed
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
serialNo
- certificate record to modify- Throws:
EBaseException
- failed to update
-
markCertificateAsRenewalNotified
public void markCertificateAsRenewalNotified(java.lang.String serialNo) throws EBaseException
Description copied from interface:com.netscape.certsrv.dbs.certdb.ICertificateRepository
Marks certificate as renewed and notified.- Specified by:
markCertificateAsRenewalNotified
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
serialNo
- certificate record to modify- Throws:
EBaseException
- failed to update
-
getRenewableCertificates
public java.util.Hashtable<java.lang.String,com.netscape.certsrv.dbs.certdb.RenewableCertificateCollection> getRenewableCertificates(java.lang.String renewalTime) throws EBaseException
Description copied from interface:com.netscape.certsrv.dbs.certdb.ICertificateRepository
Retrieves renewable certificates.- Specified by:
getRenewableCertificates
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
renewalTime
- renewal time- Returns:
- certificates
- Throws:
EBaseException
- failed to retrieve
-
getX509Certificates
public org.mozilla.jss.netscape.security.x509.X509CertImpl[] getX509Certificates(java.lang.String subjectDN, int validityType) throws EBaseException
Gets all valid and unexpired certificates pertaining to a subject DN.- Specified by:
getX509Certificates
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
subjectDN
- The distinguished name of the subject.validityType
- The type of certificates to get.- Returns:
- An array of certificates.
- Throws:
EBaseException
- on error.
-
getX509Certificates
public org.mozilla.jss.netscape.security.x509.X509CertImpl[] getX509Certificates(java.lang.String filter) throws EBaseException
- Throws:
EBaseException
-
getValidCertificates
public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getValidCertificates(java.lang.String from, java.lang.String to) throws EBaseException
Retrives all valid certificates excluding ones already revoked.- Specified by:
getValidCertificates
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
from
- The starting point of the serial number range.to
- The ending point of the serial number range.- Returns:
- a list of certificates
- Throws:
EBaseException
- failed to retrieve
-
getAllValidCertificates
public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getAllValidCertificates() throws EBaseException
Retrives all valid certificates excluding ones already revoked.- Throws:
EBaseException
-
getValidNotPublishedCertificates
public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getValidNotPublishedCertificates(java.lang.String from, java.lang.String to) throws EBaseException
Retrives all valid not published certificates excluding ones already revoked.- Specified by:
getValidNotPublishedCertificates
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
from
- The starting point of the serial number range.to
- The ending point of the serial number range.- Returns:
- a list of certificates
- Throws:
EBaseException
- failed to retrieve
-
getAllValidNotPublishedCertificates
public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getAllValidNotPublishedCertificates() throws EBaseException
Retrives all valid not published certificates excluding ones already revoked.- Throws:
EBaseException
-
getExpiredCertificates
public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getExpiredCertificates(java.lang.String from, java.lang.String to) throws EBaseException
Retrives all expired certificates.- Specified by:
getExpiredCertificates
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
from
- The starting point of the serial number range.to
- The ending point of the serial number range.- Returns:
- a list of certificates
- Throws:
EBaseException
- failed to retrieve
-
getAllExpiredCertificates
public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getAllExpiredCertificates() throws EBaseException
Retrives all expired certificates.- Throws:
EBaseException
-
getExpiredPublishedCertificates
public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getExpiredPublishedCertificates(java.lang.String from, java.lang.String to) throws EBaseException
Retrives all expired published certificates.- Specified by:
getExpiredPublishedCertificates
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
from
- The starting point of the serial number range.to
- The ending point of the serial number range.- Returns:
- a list of certificates
- Throws:
EBaseException
- failed to retrieve
-
getAllExpiredPublishedCertificates
public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getAllExpiredPublishedCertificates() throws EBaseException
Retrives all expired publishedcertificates.- Throws:
EBaseException
-
getInvalidCertsByNotBeforeDate
public com.netscape.certsrv.dbs.certdb.ICertRecordList getInvalidCertsByNotBeforeDate(java.util.Date date, int pageSize) throws EBaseException
Description copied from interface:com.netscape.certsrv.dbs.certdb.ICertificateRepository
Gets Invalid certs orderes by noAfter date, jumps to records where notAfter date is greater than current.- Specified by:
getInvalidCertsByNotBeforeDate
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
date
- reference datepageSize
- page size- Returns:
- a list of certificate records
- Throws:
EBaseException
- failed to retrieve
-
getValidCertsByNotAfterDate
public com.netscape.certsrv.dbs.certdb.ICertRecordList getValidCertsByNotAfterDate(java.util.Date date, int pageSize) throws EBaseException
Description copied from interface:com.netscape.certsrv.dbs.certdb.ICertificateRepository
Gets valid certs orderes by noAfter date, jumps to records where notAfter date is greater than current.- Specified by:
getValidCertsByNotAfterDate
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
date
- reference datepageSize
- page size- Returns:
- a list of certificate records
- Throws:
EBaseException
- failed to retrieve
-
getRevokedCertsByNotAfterDate
public com.netscape.certsrv.dbs.certdb.ICertRecordList getRevokedCertsByNotAfterDate(java.util.Date date, int pageSize) throws EBaseException
Description copied from interface:com.netscape.certsrv.dbs.certdb.ICertificateRepository
Gets Revoked certs orderes by noAfter date, jumps to records where notAfter date is greater than current.- Specified by:
getRevokedCertsByNotAfterDate
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
date
- reference datepageSize
- page size- Returns:
- a list of certificate records
- Throws:
EBaseException
- failed to retrieve
-
getRevokedCertificates
public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getRevokedCertificates(java.lang.String from, java.lang.String to) throws EBaseException
Retrieves all revoked certificates in the serial number range.- Specified by:
getRevokedCertificates
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
from
- The starting point of the serial number range.to
- The ending point of the serial number range.- Returns:
- a list of certificates
- Throws:
EBaseException
- failed to retrieve
-
getAllRevokedCertificates
public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getAllRevokedCertificates() throws EBaseException
Retrives all revoked certificates including ones already expired or not yet valid.- Specified by:
getAllRevokedCertificates
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Returns:
- a list of revoked certificates
- Throws:
EBaseException
- failed to search
-
getRevokedPublishedCertificates
public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getRevokedPublishedCertificates(java.lang.String from, java.lang.String to) throws EBaseException
Retrieves all revoked publishedcertificates in the serial number range.- Specified by:
getRevokedPublishedCertificates
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
from
- The starting point of the serial number range.to
- The ending point of the serial number range.- Returns:
- a list of certificates
- Throws:
EBaseException
- failed to retrieve
-
getAllRevokedPublishedCertificates
public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getAllRevokedPublishedCertificates() throws EBaseException
Retrives all revoked published certificates including ones already expired or not yet valid.- Throws:
EBaseException
-
getRevokedCertificates
public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getRevokedCertificates(java.util.Date asOfDate) throws EBaseException
Retrieves all revoked certificates that have not expired.- Specified by:
getRevokedCertificates
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
asOfDate
- as of date- Returns:
- a list of revoked certificates
- Throws:
EBaseException
- failed to retrieve
-
getAllRevokedNonExpiredCertificates
public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getAllRevokedNonExpiredCertificates() throws EBaseException
Retrives all revoked certificates excluing ones already expired.- Specified by:
getAllRevokedNonExpiredCertificates
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Returns:
- a list of revoked certificates
- Throws:
EBaseException
- failed to search
-
getModifications
public void getModifications(netscape.ldap.LDAPEntry entry)
Description copied from interface:com.netscape.certsrv.dbs.certdb.ICertificateRepository
Retrieves modified certificate records.- Specified by:
getModifications
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
- Parameters:
entry
- LDAPEntry with modified data
-
isCertificateRevoked
public RevocationInfo isCertificateRevoked(org.mozilla.jss.netscape.security.x509.X509CertImpl cert) throws EBaseException
Checks if the presented certificate belongs to the repository and is revoked.- Parameters:
cert
- certificate to verify.- Returns:
- RevocationInfo if the presented certificate is revoked otherwise null.
- Throws:
EBaseException
-
shutdown
public void shutdown()
- Specified by:
shutdown
in interfacecom.netscape.certsrv.dbs.certdb.ICertificateRepository
-
-