Class CertificateRepository

  • All Implemented Interfaces:
    com.netscape.certsrv.dbs.certdb.ICertificateRepository, com.netscape.certsrv.dbs.repository.IRepository

    public class CertificateRepository
    extends Repository
    implements com.netscape.certsrv.dbs.certdb.ICertificateRepository
    A class represents a certificate repository. It stores all the issued certificate.

    Version:
    $Revision$, $Date$
    Author:
    thomask, kanda
    • Constructor Summary

      Constructors 
      Constructor Description
      CertificateRepository​(DBSubsystem dbSubsystem, java.lang.String certRepoBaseDN, int increment, java.lang.String baseDN)
      Constructs a certificate repository.
    • Method Summary

      All Methods Instance Methods Concrete Methods Deprecated Methods 
      Modifier and Type Method Description
      void addCertificateRecord​(com.netscape.certsrv.dbs.certdb.ICertRecord record)
      Adds a certificate record to the repository.
      void addCRLIssuingPoint​(java.lang.String id, ICRLIssuingPoint crlIssuingPoint)
      register CRL Issuing Point
      void addRevokedCertRecord​(CertRecord record)
      Used by the Clone Master (CLA) to add a revoked certificate record to the repository.
      boolean checkCertificateRecord​(java.math.BigInteger serialNo)  
      boolean containsCertificate​(java.math.BigInteger serialNo)
      Checks if the specified certificate is in the repository.
      com.netscape.certsrv.dbs.certdb.ICertRecord createCertRecord​(java.math.BigInteger id, java.security.cert.Certificate cert, MetaInfo meta)
      Creates certificate record.
      void deleteCertificateRecord​(java.math.BigInteger serialNo)
      Deletes certificate record.
      java.util.Enumeration<org.mozilla.jss.netscape.security.x509.X509CertImpl> findCertificates​(java.lang.String filter)
      Finds all certificates given a filter.
      java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> findCertRecords​(java.lang.String filter)
      Finds a list of certificate records that satisifies the filter.
      com.netscape.certsrv.dbs.certdb.ICertRecordList findCertRecordsInList​(java.lang.String filter, java.lang.String[] attrs, int pageSize)
      Finds certificate records.
      com.netscape.certsrv.dbs.certdb.ICertRecordList findCertRecordsInList​(java.lang.String filter, java.lang.String[] attrs, java.lang.String jumpTo, boolean hardJumpTo, java.lang.String sortKey, int pageSize)  
      com.netscape.certsrv.dbs.certdb.ICertRecordList findCertRecordsInList​(java.lang.String filter, java.lang.String[] attrs, java.lang.String sortKey, int pageSize)
      Finds a list of certificate records that satisifies the filter.
      com.netscape.certsrv.dbs.certdb.ICertRecordList findCertRecordsInList​(java.lang.String filter, java.lang.String[] attrs, java.lang.String jumpTo, java.lang.String sortKey, int pageSize)
      Finds a list of certificate records that satisifies the filter.
      com.netscape.certsrv.dbs.certdb.ICertRecordList findCertRecordsInListRawJumpto​(java.lang.String filter, java.lang.String[] attrs, java.lang.String jumpTo, java.lang.String sortKey, int pageSize)
      Finds a list of certificate records that satisifies the filter.
      java.util.Enumeration<java.lang.Object> findCertRecs​(java.lang.String filter)
      Deprecated.
      replaced by findCertificatesInList
      java.util.Enumeration<java.lang.Object> findCertRecs​(java.lang.String filter, java.lang.String[] attrs)  
      java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getAllExpiredCertificates()
      Retrives all expired certificates.
      java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getAllExpiredPublishedCertificates()
      Retrives all expired publishedcertificates.
      java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getAllRevokedCertificates()
      Retrives all revoked certificates including ones already expired or not yet valid.
      java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getAllRevokedNonExpiredCertificates()
      Retrives all revoked certificates excluing ones already expired.
      java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getAllRevokedPublishedCertificates()
      Retrives all revoked published certificates including ones already expired or not yet valid.
      java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getAllValidCertificates()
      Retrives all valid certificates excluding ones already revoked.
      java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getAllValidNotPublishedCertificates()
      Retrives all valid not published certificates excluding ones already revoked.
      DBSubsystem getDBSubsystem()
      Retrieves backend database handle.
      java.lang.String getDN()
      Retrieves DN of this repository.
      boolean getEnableRandomSerialNumbers()
      Retrieves serial number management mode.
      java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getExpiredCertificates​(java.lang.String from, java.lang.String to)
      Retrives all expired certificates.
      java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getExpiredPublishedCertificates​(java.lang.String from, java.lang.String to)
      Retrives all expired published certificates.
      com.netscape.certsrv.dbs.certdb.ICertRecordList getInvalidCertsByNotBeforeDate​(java.util.Date date, int pageSize)
      Gets Invalid certs orderes by noAfter date, jumps to records where notAfter date is greater than current.
      java.math.BigInteger getLastSerialNumberInRange​(java.math.BigInteger serial_low_bound, java.math.BigInteger serial_upper_bound)  
      void getModifications​(netscape.ldap.LDAPEntry entry)
      Retrieves modified certificate records.
      java.math.BigInteger getNextSerialNumber()
      Retrieves the next serial number, and also increase the serial number by one.
      java.util.Hashtable<java.lang.String,​com.netscape.certsrv.dbs.certdb.RenewableCertificateCollection> getRenewableCertificates​(java.lang.String renewalTime)
      Retrieves renewable certificates.
      java.lang.String getRequestDN()  
      java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getRevokedCertificates​(java.lang.String from, java.lang.String to)
      Retrieves all revoked certificates in the serial number range.
      java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getRevokedCertificates​(java.util.Date asOfDate)
      Retrieves all revoked certificates that have not expired.
      com.netscape.certsrv.dbs.certdb.ICertRecordList getRevokedCertsByNotAfterDate​(java.util.Date date, int pageSize)
      Gets Revoked certs orderes by noAfter date, jumps to records where notAfter date is greater than current.
      java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getRevokedPublishedCertificates​(java.lang.String from, java.lang.String to)
      Retrieves all revoked publishedcertificates in the serial number range.
      java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getValidCertificates​(java.lang.String from, java.lang.String to)
      Retrives all valid certificates excluding ones already revoked.
      com.netscape.certsrv.dbs.certdb.ICertRecordList getValidCertsByNotAfterDate​(java.util.Date date, int pageSize)
      Gets valid certs orderes by noAfter date, jumps to records where notAfter date is greater than current.
      java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getValidNotPublishedCertificates​(java.lang.String from, java.lang.String to)
      Retrives all valid not published certificates excluding ones already revoked.
      org.mozilla.jss.netscape.security.x509.X509CertImpl getX509Certificate​(java.math.BigInteger serialNo)
      Reads the certificate identified by the given serial no.
      org.mozilla.jss.netscape.security.x509.X509CertImpl[] getX509Certificates​(java.lang.String filter)  
      org.mozilla.jss.netscape.security.x509.X509CertImpl[] getX509Certificates​(java.lang.String subjectDN, int validityType)
      Gets all valid and unexpired certificates pertaining to a subject DN.
      RevocationInfo isCertificateRevoked​(org.mozilla.jss.netscape.security.x509.X509CertImpl cert)
      Checks if the presented certificate belongs to the repository and is revoked.
      void markAsRevoked​(java.math.BigInteger id, com.netscape.certsrv.dbs.certdb.IRevocationInfo info)
      Marks certificate as revoked.
      void markAsRevoked​(java.math.BigInteger id, com.netscape.certsrv.dbs.certdb.IRevocationInfo info, boolean isAlreadyRevoked)
      Marks certificate as revoked.
      void markCertificateAsNotRenewable​(com.netscape.certsrv.dbs.certdb.ICertRecord record)
      Marks certificate as renewable.
      void markCertificateAsRenewable​(com.netscape.certsrv.dbs.certdb.ICertRecord record)
      Marks certificate as renewable.
      void markCertificateAsRenewalNotified​(java.lang.String serialNo)
      Marks certificate as renewed and notified.
      void markCertificateAsRenewed​(java.lang.String serialNo)
      Marks certificate as renewed.
      void modifyCertificateRecord​(java.math.BigInteger serialNo, com.netscape.certsrv.dbs.ModificationSet mods)
      Modifies certificate record.
      com.netscape.certsrv.dbs.certdb.ICertRecord readCertificateRecord​(java.math.BigInteger serialNo)
      Reads certificate from repository.
      void removeCertRecords​(java.math.BigInteger beginS, java.math.BigInteger endS)
      Removes all objects with this repository.
      java.util.Enumeration<java.lang.Object> searchCertificates​(java.lang.String filter, int maxSize)
      Finds a list of certificate records that satisifies the filter.
      java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> searchCertificates​(java.lang.String filter, int maxSize, int timeLimit)
      Finds a list of certificate records that satisifies the filter.
      java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> searchCertificates​(java.lang.String filter, int maxSize, int timeLimit, java.lang.String sortAttribute)
      Finds a list of certificate records that satisifies the filter.
      java.util.Enumeration<java.lang.Object> searchCertificates​(java.lang.String filter, int maxSize, java.lang.String sortAttribute)
      Finds a list of certificate records that satisifies the filter.
      void setCertStatusUpdateInterval​(com.netscape.certsrv.dbs.repository.IRepository requestRepository, int interval, boolean listenToCloneModifications)
      interval value: (in seconds) 0 - disable >0 - enable
      void setConsistencyCheck​(boolean ConsistencyCheck)  
      void setEnableRandomSerialNumbers​(boolean random, boolean updateMode, boolean forceModeChange)
      Sets serial number management mode for certificates..
      void setRequestDN​(java.lang.String requestDN)  
      void setSerialNumberUpdateInterval​(com.netscape.certsrv.dbs.repository.IRepository requestRepository, int interval)
      interval value: (in seconds) 0 - disable >0 - enable
      void setSkipIfInConsistent​(boolean SkipIfInconsistent)  
      void setTransitMaxRecords​(int max)  
      void setTransitRecordPageSize​(int size)  
      void shutdown()  
      void transitInvalidCertificates()
      This transits a certificate status from INVALID to VALID if a certificate becomes valid.
      void transitRevokedExpiredCertificates()
      This transits a certificate status from REVOKED to REVOKED_EXPIRED if an revoked certificate becomes expired.
      void transitValidCertificates()
      This transits a certificate status from VALID to EXPIRED if a certificate becomes expired.
      void unmarkRevoked​(java.math.BigInteger id, com.netscape.certsrv.dbs.certdb.IRevocationInfo info, java.util.Date revokedOn, java.lang.String revokedBy)
      Unmarks revoked certificate.
      void updateCertStatus()
      Updates certificate status now.
      void updateCounter()  
      void updateStatus​(java.math.BigInteger id, java.lang.String status)
      Updates the certificiate record status to the specified.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
      • Methods inherited from interface com.netscape.certsrv.dbs.repository.IRepository

        checkRanges, peekNextSerialNumber, resetSerialNumber, setEnableSerialMgmt, setMaxSerial, setNextMaxSerial
    • Field Detail

      • logger

        public static org.slf4j.Logger logger
      • PROP_CERT_BASE_DN

        public static final java.lang.String PROP_CERT_BASE_DN
        See Also:
        Constant Field Values
      • PROP_TRANS_MAXRECORDS

        public static final java.lang.String PROP_TRANS_MAXRECORDS
        See Also:
        Constant Field Values
      • PROP_TRANS_PAGESIZE

        public static final java.lang.String PROP_TRANS_PAGESIZE
        See Also:
        Constant Field Values
      • certStatusUpdateTask

        public com.netscape.cmscore.dbs.CertStatusUpdateTask certStatusUpdateTask
      • retrieveModificationsTask

        public com.netscape.cmscore.dbs.RetrieveModificationsTask retrieveModificationsTask
      • serialNumberUpdateTask

        public com.netscape.cmscore.dbs.SerialNumberUpdateTask serialNumberUpdateTask
    • Constructor Detail

      • CertificateRepository

        public CertificateRepository​(DBSubsystem dbSubsystem,
                                     java.lang.String certRepoBaseDN,
                                     int increment,
                                     java.lang.String baseDN)
                              throws com.netscape.certsrv.dbs.EDBException
        Constructs a certificate repository.
        Throws:
        com.netscape.certsrv.dbs.EDBException
    • Method Detail

      • createCertRecord

        public com.netscape.certsrv.dbs.certdb.ICertRecord createCertRecord​(java.math.BigInteger id,
                                                                            java.security.cert.Certificate cert,
                                                                            MetaInfo meta)
        Description copied from interface: com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Creates certificate record.
        Specified by:
        createCertRecord in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        id - serial number
        cert - certificate
        meta - meta information
        Returns:
        certificate record
      • getEnableRandomSerialNumbers

        public boolean getEnableRandomSerialNumbers()
        Description copied from interface: com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Retrieves serial number management mode.
        Specified by:
        getEnableRandomSerialNumbers in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Returns:
        serial number management mode, "true" indicates random serial number management, "false" indicates sequential serial number management.
      • setEnableRandomSerialNumbers

        public void setEnableRandomSerialNumbers​(boolean random,
                                                 boolean updateMode,
                                                 boolean forceModeChange)
        Description copied from interface: com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Sets serial number management mode for certificates..
        Specified by:
        setEnableRandomSerialNumbers in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        random - "true" sets random serial number management, "false" sequential
        updateMode - "true" updates "description" attribute in certificate repository
        forceModeChange - "true" forces certificate repository mode change
      • getNextSerialNumber

        public java.math.BigInteger getNextSerialNumber()
                                                 throws EBaseException
        Description copied from class: Repository
        Retrieves the next serial number, and also increase the serial number by one.

        Specified by:
        getNextSerialNumber in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Specified by:
        getNextSerialNumber in interface com.netscape.certsrv.dbs.repository.IRepository
        Overrides:
        getNextSerialNumber in class Repository
        Returns:
        serial number
        Throws:
        EBaseException - failed to retrieve next serial number
      • updateCounter

        public void updateCounter()
      • removeCertRecords

        public void removeCertRecords​(java.math.BigInteger beginS,
                                      java.math.BigInteger endS)
                               throws EBaseException
        Removes all objects with this repository.
        Specified by:
        removeCertRecords in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        beginS - BigInteger with radix 16
        endS - BigInteger with radix 16
        Throws:
        EBaseException
      • setConsistencyCheck

        public void setConsistencyCheck​(boolean ConsistencyCheck)
      • setSkipIfInConsistent

        public void setSkipIfInConsistent​(boolean SkipIfInconsistent)
      • setTransitMaxRecords

        public void setTransitMaxRecords​(int max)
      • setTransitRecordPageSize

        public void setTransitRecordPageSize​(int size)
      • addCRLIssuingPoint

        public void addCRLIssuingPoint​(java.lang.String id,
                                       ICRLIssuingPoint crlIssuingPoint)
        register CRL Issuing Point
      • setCertStatusUpdateInterval

        public void setCertStatusUpdateInterval​(com.netscape.certsrv.dbs.repository.IRepository requestRepository,
                                                int interval,
                                                boolean listenToCloneModifications)
        interval value: (in seconds) 0 - disable >0 - enable
        Specified by:
        setCertStatusUpdateInterval in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        requestRepository - request repository
        interval - update interval
        listenToCloneModifications - enable listening to clone modifications
      • setSerialNumberUpdateInterval

        public void setSerialNumberUpdateInterval​(com.netscape.certsrv.dbs.repository.IRepository requestRepository,
                                                  int interval)
        interval value: (in seconds) 0 - disable >0 - enable
      • updateCertStatus

        public void updateCertStatus()
                              throws EBaseException
        Description copied from interface: com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Updates certificate status now. This is a blocking method.
        Specified by:
        updateCertStatus in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Throws:
        EBaseException - failed to update
      • getDN

        public java.lang.String getDN()
        Retrieves DN of this repository.
      • setRequestDN

        public void setRequestDN​(java.lang.String requestDN)
      • getRequestDN

        public java.lang.String getRequestDN()
      • getDBSubsystem

        public DBSubsystem getDBSubsystem()
        Retrieves backend database handle.
      • addCertificateRecord

        public void addCertificateRecord​(com.netscape.certsrv.dbs.certdb.ICertRecord record)
                                  throws EBaseException
        Adds a certificate record to the repository. Each certificate record contains four parts: certificate, meta-attributes, issue information and reovcation information.

        Specified by:
        addCertificateRecord in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        cert - X.509 certificate
        Throws:
        EBaseException - failed to add new certificate to the repository
      • addRevokedCertRecord

        public void addRevokedCertRecord​(CertRecord record)
                                  throws EBaseException
        Used by the Clone Master (CLA) to add a revoked certificate record to the repository.

        Parameters:
        record - a CertRecord
        Throws:
        EBaseException - failed to add new certificate to the repository
      • transitValidCertificates

        public void transitValidCertificates()
                                      throws EBaseException
        This transits a certificate status from VALID to EXPIRED if a certificate becomes expired.
        Throws:
        EBaseException
      • transitRevokedExpiredCertificates

        public void transitRevokedExpiredCertificates()
                                               throws EBaseException
        This transits a certificate status from REVOKED to REVOKED_EXPIRED if an revoked certificate becomes expired.
        Throws:
        EBaseException
      • transitInvalidCertificates

        public void transitInvalidCertificates()
                                        throws EBaseException
        This transits a certificate status from INVALID to VALID if a certificate becomes valid.
        Throws:
        EBaseException
      • getX509Certificate

        public org.mozilla.jss.netscape.security.x509.X509CertImpl getX509Certificate​(java.math.BigInteger serialNo)
                                                                               throws EBaseException
        Reads the certificate identified by the given serial no.
        Specified by:
        getX509Certificate in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        serialNo - serial number of certificate
        Returns:
        certificate
        Throws:
        EBaseException - failed to retrieve certificate
      • deleteCertificateRecord

        public void deleteCertificateRecord​(java.math.BigInteger serialNo)
                                     throws EBaseException
        Deletes certificate record.
        Specified by:
        deleteCertificateRecord in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        serialNo - serial number of certificate
        Throws:
        EBaseException - failed to delete
      • readCertificateRecord

        public com.netscape.certsrv.dbs.certdb.ICertRecord readCertificateRecord​(java.math.BigInteger serialNo)
                                                                          throws EBaseException
        Reads certificate from repository.
        Specified by:
        readCertificateRecord in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        serialNo - serial number of certificate
        Returns:
        certificate record
        Throws:
        EBaseException - failed to retrieve certificate
      • checkCertificateRecord

        public boolean checkCertificateRecord​(java.math.BigInteger serialNo)
                                       throws EBaseException
        Throws:
        EBaseException
      • modifyCertificateRecord

        public void modifyCertificateRecord​(java.math.BigInteger serialNo,
                                            com.netscape.certsrv.dbs.ModificationSet mods)
                                     throws EBaseException
        Description copied from interface: com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Modifies certificate record.
        Specified by:
        modifyCertificateRecord in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        serialNo - serial number of record
        mods - modifications
        Throws:
        EBaseException - failed to modify
      • containsCertificate

        public boolean containsCertificate​(java.math.BigInteger serialNo)
                                    throws EBaseException
        Checks if the specified certificate is in the repository.
        Specified by:
        containsCertificate in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        serialNo - serial number of certificate
        Returns:
        true if it exists
        Throws:
        EBaseException - failed to check
      • markAsRevoked

        public void markAsRevoked​(java.math.BigInteger id,
                                  com.netscape.certsrv.dbs.certdb.IRevocationInfo info)
                           throws EBaseException
        Marks certificate as revoked. isAlreadyRevoked - boolean to indicate that the cert was revoked ( possibly onHold ) When a cert was originally revoked (possibly onHold), some of the ldap attributes already exist, so "MOD_REPLACE" is needed instead of "MOD_ADD"
        Specified by:
        markAsRevoked in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        id - serial number
        info - revocation information
        Throws:
        EBaseException - failed to mark
      • markAsRevoked

        public void markAsRevoked​(java.math.BigInteger id,
                                  com.netscape.certsrv.dbs.certdb.IRevocationInfo info,
                                  boolean isAlreadyRevoked)
                           throws EBaseException
        Description copied from interface: com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Marks certificate as revoked.
        Specified by:
        markAsRevoked in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        id - serial number
        info - revocation information
        isAlreadyRevoked - boolean to indicate if the cert was revoked onHold
        Throws:
        EBaseException - failed to mark
      • unmarkRevoked

        public void unmarkRevoked​(java.math.BigInteger id,
                                  com.netscape.certsrv.dbs.certdb.IRevocationInfo info,
                                  java.util.Date revokedOn,
                                  java.lang.String revokedBy)
                           throws EBaseException
        Unmarks revoked certificate.
        Specified by:
        unmarkRevoked in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        id - serial number
        info - revocation information
        revokedOn - revocation date
        revokedBy - userid
        Throws:
        EBaseException - failed to unmark
      • updateStatus

        public void updateStatus​(java.math.BigInteger id,
                                 java.lang.String status)
                          throws EBaseException
        Updates the certificiate record status to the specified.
        Specified by:
        updateStatus in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        id - serial number
        status - certificate status
        Throws:
        EBaseException - failed to update status
      • searchCertificates

        public java.util.Enumeration<java.lang.Object> searchCertificates​(java.lang.String filter,
                                                                          int maxSize,
                                                                          java.lang.String sortAttribute)
                                                                   throws EBaseException
        Description copied from interface: com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Finds a list of certificate records that satisifies the filter.
        Specified by:
        searchCertificates in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        filter - search filter
        maxSize - max size to return
        sortAttribute - Attribute of ICertRecord to sort the results
        Returns:
        a list of certificates
        Throws:
        EBaseException - failed to search
      • searchCertificates

        public java.util.Enumeration<java.lang.Object> searchCertificates​(java.lang.String filter,
                                                                          int maxSize)
                                                                   throws EBaseException
        Description copied from interface: com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Finds a list of certificate records that satisifies the filter. Here is a list of filter attribute can be used:
           certRecordId
           certMetaInfo
           certStatus
           certCreateTime
           certModifyTime
           x509Cert.notBefore
           x509Cert.notAfter
           x509Cert.subject
         
        The filter should follow RFC1558 LDAP filter syntax. For example,
           (&(certRecordId=5)(x509Cert.notBefore=934398398))
         
        Specified by:
        searchCertificates in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        filter - search filter
        maxSize - max size to return
        Returns:
        a list of certificates
        Throws:
        EBaseException - failed to search
      • searchCertificates

        public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> searchCertificates​(java.lang.String filter,
                                                                                                     int maxSize,
                                                                                                     int timeLimit)
                                                                                              throws EBaseException
        Description copied from interface: com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Finds a list of certificate records that satisifies the filter.
        Specified by:
        searchCertificates in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        filter - search filter
        maxSize - max size to return
        timeLimit - timeout value
        Returns:
        a list of certificates
        Throws:
        EBaseException - failed to search
      • searchCertificates

        public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> searchCertificates​(java.lang.String filter,
                                                                                                     int maxSize,
                                                                                                     int timeLimit,
                                                                                                     java.lang.String sortAttribute)
                                                                                              throws EBaseException
        Description copied from interface: com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Finds a list of certificate records that satisifies the filter.
        Specified by:
        searchCertificates in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        filter - search filter
        maxSize - max size to return
        timeLimit - timeout value
        sortAttribute - Attribute of ICertRecord to sort the results
        Returns:
        a list of certificates
        Throws:
        EBaseException - failed to search
      • findCertRecs

        public java.util.Enumeration<java.lang.Object> findCertRecs​(java.lang.String filter)
                                                             throws EBaseException
        Deprecated.
        replaced by findCertificatesInList
        Returns a list of X509CertImp that satisfies the filter.
        Specified by:
        findCertRecs in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        filter - search filter
        Returns:
        a list of certificate records
        Throws:
        EBaseException - failed to retrieve cert records
      • findCertRecs

        public java.util.Enumeration<java.lang.Object> findCertRecs​(java.lang.String filter,
                                                                    java.lang.String[] attrs)
                                                             throws EBaseException
        Throws:
        EBaseException
      • findCertificates

        public java.util.Enumeration<org.mozilla.jss.netscape.security.x509.X509CertImpl> findCertificates​(java.lang.String filter)
                                                                                                    throws EBaseException
        Description copied from interface: com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Finds all certificates given a filter.
        Specified by:
        findCertificates in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        filter - search filter
        Returns:
        a list of certificates
        Throws:
        EBaseException - failed to search
      • findCertRecords

        public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> findCertRecords​(java.lang.String filter)
                                                                                           throws EBaseException
        Finds a list of certificate records that satisifies the filter. If you are going to process everything in the list, use this.
        Specified by:
        findCertRecords in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        filter - search filter
        Returns:
        a list of certificates
        Throws:
        EBaseException - failed to search
      • findCertRecordsInList

        public com.netscape.certsrv.dbs.certdb.ICertRecordList findCertRecordsInList​(java.lang.String filter,
                                                                                     java.lang.String[] attrs,
                                                                                     int pageSize)
                                                                              throws EBaseException
        Finds certificate records. Here is a list of filter attribute can be used:
           certRecordId
           certMetaInfo
           certStatus
           certCreateTime
           certModifyTime
           x509Cert.notBefore
           x509Cert.notAfter
           x509Cert.subject
         
        The filter should follow RFC1558 LDAP filter syntax. For example,
           (&(certRecordId=5)(x509Cert.notBefore=934398398))
         
        Specified by:
        findCertRecordsInList in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        filter - search filter
        attrs - selected attribute
        pageSize - page size
        Returns:
        a list of certificates
        Throws:
        EBaseException - failed to search
      • findCertRecordsInList

        public com.netscape.certsrv.dbs.certdb.ICertRecordList findCertRecordsInList​(java.lang.String filter,
                                                                                     java.lang.String[] attrs,
                                                                                     java.lang.String sortKey,
                                                                                     int pageSize)
                                                                              throws EBaseException
        Description copied from interface: com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Finds a list of certificate records that satisifies the filter.
        Specified by:
        findCertRecordsInList in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        filter - search filter
        attrs - selected attribute
        sortKey - key to use for sorting the returned elements
        pageSize - page size
        Returns:
        a list of certificates
        Throws:
        EBaseException - failed to search
      • findCertRecordsInList

        public com.netscape.certsrv.dbs.certdb.ICertRecordList findCertRecordsInList​(java.lang.String filter,
                                                                                     java.lang.String[] attrs,
                                                                                     java.lang.String jumpTo,
                                                                                     java.lang.String sortKey,
                                                                                     int pageSize)
                                                                              throws EBaseException
        Description copied from interface: com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Finds a list of certificate records that satisifies the filter.
        Specified by:
        findCertRecordsInList in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        filter - search filter
        attrs - selected attribute
        jumpTo - jump to index
        sortKey - key to use for sorting the returned elements
        pageSize - page size
        Returns:
        a list of certificates
        Throws:
        EBaseException - failed to search
      • findCertRecordsInList

        public com.netscape.certsrv.dbs.certdb.ICertRecordList findCertRecordsInList​(java.lang.String filter,
                                                                                     java.lang.String[] attrs,
                                                                                     java.lang.String jumpTo,
                                                                                     boolean hardJumpTo,
                                                                                     java.lang.String sortKey,
                                                                                     int pageSize)
                                                                              throws EBaseException
        Specified by:
        findCertRecordsInList in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Throws:
        EBaseException
      • findCertRecordsInListRawJumpto

        public com.netscape.certsrv.dbs.certdb.ICertRecordList findCertRecordsInListRawJumpto​(java.lang.String filter,
                                                                                              java.lang.String[] attrs,
                                                                                              java.lang.String jumpTo,
                                                                                              java.lang.String sortKey,
                                                                                              int pageSize)
                                                                                       throws EBaseException
        Description copied from interface: com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Finds a list of certificate records that satisifies the filter.
        Specified by:
        findCertRecordsInListRawJumpto in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        filter - search filter
        attrs - selected attribute
        jumpTo - jump to index
        sortKey - key to use for sorting the returned elements
        pageSize - page size
        Returns:
        a list of certificates
        Throws:
        EBaseException - failed to search
      • markCertificateAsRenewable

        public void markCertificateAsRenewable​(com.netscape.certsrv.dbs.certdb.ICertRecord record)
                                        throws EBaseException
        Marks certificate as renewable.
        Specified by:
        markCertificateAsRenewable in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        record - certificate record to modify
        Throws:
        EBaseException - failed to update
      • markCertificateAsNotRenewable

        public void markCertificateAsNotRenewable​(com.netscape.certsrv.dbs.certdb.ICertRecord record)
                                           throws EBaseException
        Marks certificate as renewable.
        Specified by:
        markCertificateAsNotRenewable in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        record - certificate record to modify
        Throws:
        EBaseException - failed to update
      • markCertificateAsRenewed

        public void markCertificateAsRenewed​(java.lang.String serialNo)
                                      throws EBaseException
        Description copied from interface: com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Marks certificate as renewed.
        Specified by:
        markCertificateAsRenewed in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        serialNo - certificate record to modify
        Throws:
        EBaseException - failed to update
      • markCertificateAsRenewalNotified

        public void markCertificateAsRenewalNotified​(java.lang.String serialNo)
                                              throws EBaseException
        Description copied from interface: com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Marks certificate as renewed and notified.
        Specified by:
        markCertificateAsRenewalNotified in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        serialNo - certificate record to modify
        Throws:
        EBaseException - failed to update
      • getRenewableCertificates

        public java.util.Hashtable<java.lang.String,​com.netscape.certsrv.dbs.certdb.RenewableCertificateCollection> getRenewableCertificates​(java.lang.String renewalTime)
                                                                                                                                            throws EBaseException
        Description copied from interface: com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Retrieves renewable certificates.
        Specified by:
        getRenewableCertificates in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        renewalTime - renewal time
        Returns:
        certificates
        Throws:
        EBaseException - failed to retrieve
      • getX509Certificates

        public org.mozilla.jss.netscape.security.x509.X509CertImpl[] getX509Certificates​(java.lang.String subjectDN,
                                                                                         int validityType)
                                                                                  throws EBaseException
        Gets all valid and unexpired certificates pertaining to a subject DN.
        Specified by:
        getX509Certificates in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        subjectDN - The distinguished name of the subject.
        validityType - The type of certificates to get.
        Returns:
        An array of certificates.
        Throws:
        EBaseException - on error.
      • getX509Certificates

        public org.mozilla.jss.netscape.security.x509.X509CertImpl[] getX509Certificates​(java.lang.String filter)
                                                                                  throws EBaseException
        Throws:
        EBaseException
      • getValidCertificates

        public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getValidCertificates​(java.lang.String from,
                                                                                                       java.lang.String to)
                                                                                                throws EBaseException
        Retrives all valid certificates excluding ones already revoked.
        Specified by:
        getValidCertificates in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        from - The starting point of the serial number range.
        to - The ending point of the serial number range.
        Returns:
        a list of certificates
        Throws:
        EBaseException - failed to retrieve
      • getAllValidCertificates

        public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getAllValidCertificates()
                                                                                                   throws EBaseException
        Retrives all valid certificates excluding ones already revoked.
        Throws:
        EBaseException
      • getValidNotPublishedCertificates

        public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getValidNotPublishedCertificates​(java.lang.String from,
                                                                                                                   java.lang.String to)
                                                                                                            throws EBaseException
        Retrives all valid not published certificates excluding ones already revoked.
        Specified by:
        getValidNotPublishedCertificates in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        from - The starting point of the serial number range.
        to - The ending point of the serial number range.
        Returns:
        a list of certificates
        Throws:
        EBaseException - failed to retrieve
      • getAllValidNotPublishedCertificates

        public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getAllValidNotPublishedCertificates()
                                                                                                               throws EBaseException
        Retrives all valid not published certificates excluding ones already revoked.
        Throws:
        EBaseException
      • getExpiredCertificates

        public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getExpiredCertificates​(java.lang.String from,
                                                                                                         java.lang.String to)
                                                                                                  throws EBaseException
        Retrives all expired certificates.
        Specified by:
        getExpiredCertificates in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        from - The starting point of the serial number range.
        to - The ending point of the serial number range.
        Returns:
        a list of certificates
        Throws:
        EBaseException - failed to retrieve
      • getAllExpiredCertificates

        public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getAllExpiredCertificates()
                                                                                                     throws EBaseException
        Retrives all expired certificates.
        Throws:
        EBaseException
      • getExpiredPublishedCertificates

        public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getExpiredPublishedCertificates​(java.lang.String from,
                                                                                                                  java.lang.String to)
                                                                                                           throws EBaseException
        Retrives all expired published certificates.
        Specified by:
        getExpiredPublishedCertificates in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        from - The starting point of the serial number range.
        to - The ending point of the serial number range.
        Returns:
        a list of certificates
        Throws:
        EBaseException - failed to retrieve
      • getAllExpiredPublishedCertificates

        public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getAllExpiredPublishedCertificates()
                                                                                                              throws EBaseException
        Retrives all expired publishedcertificates.
        Throws:
        EBaseException
      • getInvalidCertsByNotBeforeDate

        public com.netscape.certsrv.dbs.certdb.ICertRecordList getInvalidCertsByNotBeforeDate​(java.util.Date date,
                                                                                              int pageSize)
                                                                                       throws EBaseException
        Description copied from interface: com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Gets Invalid certs orderes by noAfter date, jumps to records where notAfter date is greater than current.
        Specified by:
        getInvalidCertsByNotBeforeDate in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        date - reference date
        pageSize - page size
        Returns:
        a list of certificate records
        Throws:
        EBaseException - failed to retrieve
      • getValidCertsByNotAfterDate

        public com.netscape.certsrv.dbs.certdb.ICertRecordList getValidCertsByNotAfterDate​(java.util.Date date,
                                                                                           int pageSize)
                                                                                    throws EBaseException
        Description copied from interface: com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Gets valid certs orderes by noAfter date, jumps to records where notAfter date is greater than current.
        Specified by:
        getValidCertsByNotAfterDate in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        date - reference date
        pageSize - page size
        Returns:
        a list of certificate records
        Throws:
        EBaseException - failed to retrieve
      • getRevokedCertsByNotAfterDate

        public com.netscape.certsrv.dbs.certdb.ICertRecordList getRevokedCertsByNotAfterDate​(java.util.Date date,
                                                                                             int pageSize)
                                                                                      throws EBaseException
        Description copied from interface: com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Gets Revoked certs orderes by noAfter date, jumps to records where notAfter date is greater than current.
        Specified by:
        getRevokedCertsByNotAfterDate in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        date - reference date
        pageSize - page size
        Returns:
        a list of certificate records
        Throws:
        EBaseException - failed to retrieve
      • getRevokedCertificates

        public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getRevokedCertificates​(java.lang.String from,
                                                                                                         java.lang.String to)
                                                                                                  throws EBaseException
        Retrieves all revoked certificates in the serial number range.
        Specified by:
        getRevokedCertificates in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        from - The starting point of the serial number range.
        to - The ending point of the serial number range.
        Returns:
        a list of certificates
        Throws:
        EBaseException - failed to retrieve
      • getAllRevokedCertificates

        public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getAllRevokedCertificates()
                                                                                                     throws EBaseException
        Retrives all revoked certificates including ones already expired or not yet valid.
        Specified by:
        getAllRevokedCertificates in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Returns:
        a list of revoked certificates
        Throws:
        EBaseException - failed to search
      • getRevokedPublishedCertificates

        public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getRevokedPublishedCertificates​(java.lang.String from,
                                                                                                                  java.lang.String to)
                                                                                                           throws EBaseException
        Retrieves all revoked publishedcertificates in the serial number range.
        Specified by:
        getRevokedPublishedCertificates in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        from - The starting point of the serial number range.
        to - The ending point of the serial number range.
        Returns:
        a list of certificates
        Throws:
        EBaseException - failed to retrieve
      • getAllRevokedPublishedCertificates

        public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getAllRevokedPublishedCertificates()
                                                                                                              throws EBaseException
        Retrives all revoked published certificates including ones already expired or not yet valid.
        Throws:
        EBaseException
      • getRevokedCertificates

        public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getRevokedCertificates​(java.util.Date asOfDate)
                                                                                                  throws EBaseException
        Retrieves all revoked certificates that have not expired.
        Specified by:
        getRevokedCertificates in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        asOfDate - as of date
        Returns:
        a list of revoked certificates
        Throws:
        EBaseException - failed to retrieve
      • getAllRevokedNonExpiredCertificates

        public java.util.Enumeration<com.netscape.certsrv.dbs.certdb.ICertRecord> getAllRevokedNonExpiredCertificates()
                                                                                                               throws EBaseException
        Retrives all revoked certificates excluing ones already expired.
        Specified by:
        getAllRevokedNonExpiredCertificates in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Returns:
        a list of revoked certificates
        Throws:
        EBaseException - failed to search
      • getModifications

        public void getModifications​(netscape.ldap.LDAPEntry entry)
        Description copied from interface: com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Retrieves modified certificate records.
        Specified by:
        getModifications in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository
        Parameters:
        entry - LDAPEntry with modified data
      • isCertificateRevoked

        public RevocationInfo isCertificateRevoked​(org.mozilla.jss.netscape.security.x509.X509CertImpl cert)
                                            throws EBaseException
        Checks if the presented certificate belongs to the repository and is revoked.
        Parameters:
        cert - certificate to verify.
        Returns:
        RevocationInfo if the presented certificate is revoked otherwise null.
        Throws:
        EBaseException
      • shutdown

        public void shutdown()
        Specified by:
        shutdown in interface com.netscape.certsrv.dbs.certdb.ICertificateRepository