All Classes and Interfaces

Class
Description
An abstract class represents an authorization manager that governs the access of internal resources such as servlets.
 
 
 
 
 
 
A class represents an access control list (ACL).
Manage Access Control List configuration
A class represents an ACI entry of an access control list.
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
A class represents a resource bundle for the remote admin.
A class represents an administration servlet that is responsible to serve administrative operation such as configuration parameter updates.
The AgentApproval class contains the record of a single agent approval.
A collection of AgentApproval objects.
Certificate server agent authentication.
 
This abstract class is a base job for real job extentions for the Jobs Scheduler.
This class represents an expression of the form .
 
 
 
The abstract policy rule that concrete implementations will extend.
 
 
This class represents a set of indexed arguments.
This class represents a list of arguments that will be returned to the end-user via the template framework.
This class represents a set of arguments.
This class represents a string-based argument.
This class implements an individual self test.
 
 
 
Assertion exceptions are thrown when assertion code is invoked and fails to operate properly.
 
 
 
A locking mechanism for loading or reloading an initially unknown number of items.
The AtoB class is a utility program designed to "translate" an ASCII BASE 64 encoded blob into a BINARY BASE 64 encoded blob.
AttributeNameHelper.
This class represents a collection of attribute sets.
 
 
 
 
 
The log event object that carries message detail of a log event that goes into the Transaction log.
A log event object for handling audit messages
 
 
 
 
Define audit log message format.
 
 
 
 
 
Tool for verifying signed audit logs
A class representing an administration servlet for the Authentication Management subsystem.
Authentication Credentials as input to the authMgr.
Authentication Credentials as input to the authMgr
Authentication Credentials as input to the authMgr
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Authentication Manager interface.
 
A class represents an authentication manager.
 
 
 
This class represents a registered authentication manager plugin.
 
 
 
 
 
 
 
Identifier for a CertificateAuthority.
 
 
 
 
 
Default authentication subsystem
Authentication token returned by Authentication Managers.
 
 
A class represents an authorization manager.
 
This class represents a registered authorization manager plugin.
Default authorization subsystem
Authorization token returned by Authorization Managers.
 
 
A class represents a resource bundle for the entire system.
This class represents a basic subsystem.
A class for basic acls authorization manager
 
RFC 2560:
A Template for decoding ResponseBytes.
 
A class represents ann attribute mapper that maps a Java BigInteger object into LDAP attribute, and vice versa.
The BtoA class is a utility program designed to "translate" a BINARY BASE 64 encoded blob into an ASCII BASE 64 encoded blob.
A class represents ann attribute mapper that maps a Java byte array object into LDAP attribute, and vice versa.
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Exception to throw when a (sub-)CA cannot perform an operation because it is disabled.
Exception to throw when an operation cannot be performed because the CA to which the operation pertains is enabled.
 
 
 
Exception to throw when a (sub-)CA's signing certificate is not (yet) present in the local NSSDB.
Exception to throw when a (sub-)CA's signing key is not (yet) present in the local NSSDB.
Exception to throw when a (sub-)CA cannot be found.
Exception to throw when an operation cannot be performed because the CA to which the operation pertains is not a leaf CA (ie, has sub-CAs).
A class represents a resource bundle for CA subsystem.
CA signing certificate.
 
 
Exception to throw when an operation cannot be completed because the CA is the wrong type (e.g., an operation that only applies to lightweight CAs).
 
 
 
Compares validity dates for use in sorting.
A class represents a collection of certificate record specific schema information.
This interface defines a strategy on how to match the incoming certificate(s) with the certificate(s) in the scope.
 
The CertId class represents the identifier for a particular cert record.
RFC 2560:
A Template for decoding a CertID.
This base class provides methods to import CA signing cert or get certificate request.
A classrepresents a certificate repository.
This class defines the strong authentication basic elements, the X509 certificates.
 
 
This class implements the pretty print certificate output that displays the issued certificate in a pretty print format.
This class will display the certificate content in predefined format.
A class represents a serializable certificate record.
A class represents a list of certificate records.
This class implements the certificate request input.
 
 
 
 
 
 
 
 
 
 
RFC 2560:
 
 
Certificate server agent authentication.
This interface defines a certificate mapping strategy to locate a user
 
Utility class with assorted methods to check for smime pairs, determining the type of cert - signature or encryption ..etc.
Challenge phrase based authentication.
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Redirect a request to the Master.
Clone servlet - part of the Clone Authority (CLA) processes Revoked certs from its dependant clone CAs service request and return status.
UID/CMC authentication plug-in
This class implements the certificate request input.
Tool for signing PKCS #10 , return CMC enrollment request
Process CMC messages according to RFC 2797 See http://www.ietf.org/rfc/rfc2797.txt
Tool for creating CMC full request
Tool for parsing a CMC response
Tool for signing a CMC revocation request with an agent's certificate.
A command-line utility used to take a passphrase as an input and generate an encrypted entry for ldap entry
 
 
This represents the CMS server.
A class representings an administration servlet.
This represents a Authority Information Access CRL extension.
This represents a certificate issuer extension.
This represents a CRL reason extension.
 
CMS extension class, for creating extensions from http input and displaying extensions to html forms.
Loads extension classes from configuration file and return for a given extension name or OID.
CMSFile represents a file from the filesystem cached in memory
CMSFileLoader - file cache.
This represents a freshest CRL extension.
This class is to hold some general method for servlets.
A class represents a resource bundle for cms gateway.
This represents a hold instruction extension.
This represents a invalidity date extension.
This represents a issuer alternative name extension.
This represents a issuing distribution point extension.
handy class containing cms templates to load and fill.
This represents a user request.
 
 
 
This is the base class of all CS servlet.
This servlet is started by the web server at startup, and it starts the CMS framework.
File templates.
Holds template parameters
 
Command queue for registration and unregistration process for clean shutdown.
 
 
 
 
 
This interface contains constants that are used in the protocol between the configuration daemon and UI configuration wizard.
 
 
 
 
 
 
 
 
 
 
A class represents a in-memory configuration store.
 
Utility class for functions to be used by the RESTful installer.
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Connector servlet process requests from remote authority - service request or return status.
 
This interface contains constants that are shared by certificate server and its client SDK.
 
 
A class represents a credential.
A class represents a collection of schema information for CRL.
A class represents a CRL issuing point record.
This class will display the certificate content in predefined format.
 
 
A command-line utility used to generate a Certificate Request Message Format (CRMF) request with proof of possesion (POP).
Process CRMF requests, according to RFC 2511 See http://www.ietf.org/rfc/rfc2511.txt
class representing one Job cron item
class representing one Job cron element
 
 
An abstract class defining the functionality to be provided by sub classes to perform cryptographic operations.
 
This class implements in-memory database which is stored in CS.cfg.
 
This class implements in-memory database.
 
 
A class represents ann attribute mapper that maps a Java Date array object into LDAP attribute, and vice versa.
A class represents ann attribute mapper that maps a Java Date object into LDAP attribute, and vice versa.
 
A class represents an attribute mapper.
A class representing a dynamic attribute mapper.
 
 
A class represents a registry where all the schema (object classes and attribute) information is stored.
A class represents a resource bundle for DBS subsystem.
A class represents the search results.
An interface represents the database session.
A class represents the database subsystem that manages the backend data storage.
A class represents ann attribute mapper that maps a Java BigInteger object into LDAP attribute, and vice versa.
A class represents a virtual list of search results.
 
 
 
 
 
This interface represents a property descriptor.
This interface defines all the operation destination used in the administration protocol between the console and the server.
A class for ldap acls based authorization manager The ldap server used for acls is the cms internal ldap db.
'Face-to-face' certificate enrollment.
Abstract class for directory based authentication managers Uses a pattern for formulating subject names.
For Face-to-face enrollment, disable EE enrollment feature
Servlet to report the status, ie, the agent-initiated user enrollment is enabled or disabled.
This is the servlet that displays the html page for the corresponding input id.
 
class for parsing a DN pattern used to construct a certificate subject name from ldap attributes and dn.
 
 
This class implements the dual key generation input.
Return some javascript to the request which contains the list of dynamic data in the CMS system.
A class represents an acls exception.
This class represents authentication exceptions.
An exception for authentication internal error.
Exception for authentication manager not found.
Exception for authentication manager not found.
Exception for invalid attribute value
Exception for authorization failure
This class represents authorization exceptions.
An exception for internal error for authorization.
Exception for authorization manager not found.
Exception for authorization manager plugin not found.
Exception for operation unknown to the authorization manager
Exception for protected resource unknown to the authorization manager
 
An exception with localizable error messages.
A class represents a CA exception.
This represents a profile specific exception for handling CMC badIdentity condition.
This represents a profile specific exception for handling CMC badMessageCheck condition.
This represents a profile specific exception for handling CMC badRequest condition.
This represents a profile specific exception for handling CMC popFailed condition.
This represents a profile specific exception for handling CMC popRequired condition.
This represents a profile specific exception for handling CMC unsupportedExt condition.
A class represents a CMS gateway exception.
An exception for DN component syntax error.
This type of exception is thrown in cases where an parsing error is found while evaluating a PKI component.
A class represents a database exception.
Indicates internal db is down.
Indicates internal db is down.
This represents a profile specific exception.
This class implements a duplicate self test exception.
 
 
A class represents a CA exception associated with publishing error.
This represents the extensions exception.
An exception for Error formulating the subject name (X500Name)
An exception for invalid credentials.
This class implements an invalid self test exception.
A class represents a jobs exception.
A class represents a KRA exception.
A class that represents a Ldap exception.
This represents exception which indicates Ldap server is down.
A class represents a listener exception.
This class implements a Log exception.
Exception for log not found.
Exception for log plugin not found.
formulates the final email.
Email resolver keys as input to email resolvers
Files to be processed and returned to the requested parties.
Exception for Publish Mapper not found.
Exception for Mapper Plugin not found.
Exception for missing a required authentication credential.
This class implements a missing self test exception.
For Face-to-face enrollment, enable EE enrollment feature
 
This class implements the key generation input that populates parameters to the enrollment page for key generation.
 
 
 
A class represents a notification exception.
This class implements the base enrollment input.
This class implements the basic enrollment output.
This class implements a generic enrollment profile.
A class represents a password checker exception.
This class represents Exceptions used by the policy package.
This represents a generic profile exception.
This is the base exception for property handling.
This class represents an exception thrown when a property is not defined (empty string) the configuration store.
This class represents an exception thrown when a property is not found in the configuration store.
Exception for Publisher not found.
Exception for Publisher Plugin not found.
This represents a registry exception.
This represents a profile specific exception.
Exception for Ldap Publishing Rule not found.
Exception for Publisher Rule plugin not found.
This class implements a self test exception.
A class represents a Identity exception.
This interface defines a strategy on how to match the incoming certificate(s) with the certificate(s) in the scope.
 
Maps dynamic data for the extData- prefix to and from the extData Hashtable in RequestRecord.
Subclass of Hashtable returned by Request.getExtDataInHashtable.
 
 
Plugin which can return extended information to console
This represents the resources for extensions.
 
 
 
 
Authentication token that wraps an externally authenticated principal to return.
This program joins a sequence of extensions together so that the final output can be used in configuration wizard for specifing extra extensions in default certificates (i.e.
This class will display the certificate content in predefined format.
 
 
 
 
 
 
 
 
This publisher writes certificate and CRL into a directory.
FileConfigStorage: Extends ConfigStore with methods to load/save from/to file for persistent storage.
checks the filename and directory with the specified filter checks with multiple "*".
This class implements the image input that collects a picture.
 
This represents the authentication manager that authenticates user against a file where id, and password are stored.
 
 
 
 
 
convenience class for policies use.
convenience class for policies use.
 
 
Class that can be used to form general names from configuration file.
 
 
This class implements a generic input.
This is a Generic policy processor.
Default error template filler
Generates a DER-encoded Extended Key Usage extension.
This program generates an issuer alternative name extension in base-64 encoding.
default Pending template filler
default Service Pending template filler
This program generates an subject alternative name extension in base-64 encoding.
default Success template filler
default Service Pending template filler
default Unauthorized template filler
default unexpected error template filler
 
 
 
 
 
 
Retrieve information about the number of OCSP requests the OCSP has serviced
Retrieve information.
 
 
 
RFC 2560:
A Template for decoding ResponseBytes.
A class represents a group.
A class represents a group acls evaluator.
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
The structure stores the information of which machine is enabled for the agent-initiated user enrollment, and whom agents enable this feature, and the value of the timeout.
Hash uid/pwd directory based authentication manager
 
 
This class implements a CMC Enroll client for testing.
basic http client.
 
 
Factory for getting HTTP Connections to a HTTPO server
 
 
 
Basic HTTP Message, excluding message body.
simple name/value pair message.
 
Basic HTTP Request.
encodes a request by serializing it.
Basic HTTP Response.
A class represents an evaluator.
A class represents an access control list (ACL).
A class represents an entry of access control list.
This interface defines the abstraction for the generic collection of attributes indexed by string names.
This interface presents a generic argument value.
This interface defines the abstraction for the generic collection of attributes indexed by string names.
An interface represents authentication credentials: e.g.
An interface represents an authentication context.
Authority interface.
AuthToken interface.
Authorization Manager interface needs to be implemented by all authorization managers.
An interface represents a Certificate Authority that is responsible for certificate specific operations.
This interface represents a certificate pretty print handler.
An interface representing a CRL extension plugin.
An interface representing a list of CRL extensions.
This interface represents a template filler.
This interface provides a standard way to describe a set of configuration parameters and its associated syntax.
This interface represents a connector that forwards CMS requests to a remote authority.
An interface that defines abilities of a CRL issuing point record.
This interface represents a CRL pretty print handler.
Interface for handling cross certs
This interface represents the cryptographics subsystem that provides all the security related functions.
this class represents the callback interface between the client package and the data storage object (data model)
An interface represents a database object that is serializable.
A class represents the search results.
A interface represents a virtual list of search results.
This interface represents a property descriptor.
Processor handles object read from the session.
formulates the final email.
An email resolver that first checks the request email, if none, then follows by checking the subjectDN of the certificate
An interface represents email resolver (ordered) keys for resolving emails e.g.
Files to be processed and returned to the requested parties.
An interface represents a encryption unit.
Interface for an enrollment policy rule.
Interface for a policy expression.
Plugin which can return extended information to console
This class will display the certificate content in predefined format.
An interface represents a filter converter that understands how to convert a attribute type from one defintion to another.
Class that can be used to form general names from configuration file.
Class that can be used to form general names from configuration file.
Class that can be used to form general names from configuration file.
Class that can be used to form general names from configuration file.
Class that can be used to form general names from configuration file.
This represents a HTTP connection to a remote authority.
This represents a Http PKI message.
An interface to be implemented from for a job to be scheduled by the Jobs Scheduler.
class representing one Job cron information
Interface for a key recovery policy rule.
An interface contains constants for key record.
A class represents a list of key records.
An interface represents key recovery authority.
Interface for a key recovery policy rule.
An interface represents a Key repository.
An interface representing a recovery service.
Interface for mapping a X509 certificate to a LDAP entry.
Maintains a pool of connections to the LDAP server.
Class on behalf of the Publishing system that controls an instance of an ILdapConnFactory.
Interface for mapping a CRL to a LDAP entry.
Interface for a Ldap predicate expression.
Interface for mapping a X509 certificate to a LDAP entry.
Interface for any Ldap plugin.
Interface for any ldap plugin.
Interface for publishing certificate or crl to database store.
An interface which all loggable events must implement.
An interface represents a log event factory.
An interface represents a log event listener.
An interface represents a logger for certificate server.
An interface that represents a logging component.
This class implements the image input that collects a picture.
This class handles mail notification via SMTP.
 
 
This is the servlet that builds the index page in various ports.
A class represents a certificate server kernel.
 
 
 
 
 
 
The INotify interface defines operations that are invoked when a request is completely processed.
 
 
 
 
 
A class represents ann attribute mapper that maps a Java Integer object into LDAP attribute, and vice versa.
This class represents the primary interface for the Online Certificate Status Protocol (OCSP) server.
This class represents the servlet that serves the Online Certificate Status Protocol (OCSP) requests.
A class represents a IP address acls evaluator.
 
Password quality checker interface.
 
 
 
Messages that are serialized and go over the wire.
This represents the request parser.
This interface represents a plugin instance.
The plugin information includes name, class name, and description.
Interface to a policy.
Interface for policy predicate parsers.
A generic interface for a policy processor.
Interface for a policy rule.
Represents a set of policy rules.
This class will display the certificate content in predefined format.
This interface represents an updater that will be called when the request's state changes.
An interface represents a proof of archival.
This represents raw JS parameters.
This represents a remote authority that can be a certificate manager, or key recovery manager or some other manager.
IRemoteRequest is the interface class for the remote requests and responses
Interface for a renewal policy rule.
An interface represents a generic repository.
An interface represents a generic repository record.
An interface representing a request parser which converts Java request object into name value pairs and vice versa.
This represents a rquest encoder that serializes and deserializes a request to a Remote Authority so that it can be sent through the connector.
An interface providing a list of RequestIds that match some criteria.
An interface that defines abilities of request listener,
IRequestNotifier interface defines methods to register listeners,
This is an interface to a request scheduler that prioritizes the threads based on the request processing order.
This interface defines access to request virtual list.
Resend requests at intervals to the server to ensure completion of requests.
Interface for a revocation policy rule.
This interface defines the abstraction for the cookie table.
This class defines the interface of an individual self test.
This class defines the interface of a container for self tests.
This interface defines how requests are serviced.
Shared Token interface.
 
This interface represents an object that captures the SSL client certificate in a SSL session.
Exception to throw during CA creation when requested CA (issuer DN) already exists.
A class represents a internal subsystem.
An interface represents a storage key unit.
Class that can be used to form general names from configuration file.
An interface represents a CMS subsystem.
An interface represents a Registration Authority that is responsible for certificate enrollment operations.
An interface represents a generic token unit.
An interface represents the transport key pair.
Interface for a publisher that has the capability of publishing cross certs
 
A class to retrieve passwords through a modal Java dialog box
class representing one Job cron information
This class represents a job plugin registered with the JobScheduler.
A class representing an administration servlet for the Jobs Scheduler and it's scheduled jobs.
A class represents a resource bundle for the Jobs package
This is a daemon thread that handles scheduled jobs like cron would do with different jobs.
 
Implement this interface to provide default methods to serialize an object to/from JSON
Uses NSS ssl socket.
Subsystem for initializing JSS
 
 
 
Represents a Key stored in the DRM.
 
This class represents a container for storaging data in the security package.
This class provides all the base methods to generate the key for different kinds of certificates.
 
 
A class represents a collection of key record specific schema information.
Class to define the common attributes and methods used by SymKeyGenerationRequest and AsymKeyGenerationRequest
The KeyGenInfo represents the information generated by the KeyGen tag of the HTML forms.
This class implements the key generation input that populates parameters to the enrollment page for key generation.
KeyGenProcess parses Certificate request matching the KEYGEN tag format used by Netscape Communicator 4.x
RFC 2560:
A Template for decoding ResponseBytes.
The KeyId class represents the identifier for a particular key record.
 
 
 
A class represents a Key record.
A class represents a list of key records.
Output a 'pretty print' of a Key Archival record
 
 
 
 
 
 
 
A class represents key state.
A class represents a key state mapper.
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
A class represents a resource bundle for KRA subsystem.
 
 
The KRATool class is a utility program designed to operate on an LDIF file to perform one or more of the following tasks:
KRA transport certificate
This class represents an expression of the form .
A LDAP connection that is bound to a server host, port and secure type.
Factory for getting LDAP Connections to a LDAP server each connection is a seperate thread that can be bound to a different authentication dn and password.
 
class for reading ldap authentication info from config store
A LDAP connection that is bound to a server host, port, secure type.
Factory for getting LDAP Connections to a LDAP server with the same LDAP authentication.
Interface for publishing a CA certificate to
Maps a request to an entry in the LDAP server.
Maps a X509 certificate to a LDAP entry using AVAs in the certificate's subject name to form the ldap search dn and filter.
Maps a X509 certificate to a LDAP entry by using the subject name of the certificate as the LDAP entry DN.
module for publishing a cross certificate pair to ldap crossCertificatePair attribute
Class that represents the result of a Ldap Mapping operation.
Maps a X509 certificate to a LDAP entry by finding an LDAP entry which has an attribute whose contents are equal to the cert subject name.
Interface for mapping a X509 certificate to a LDAP entry Publishes a certificate as binary and its subject name.
 
LDAPConfigStorage: Extends ConfigStore with methods to load/save from/to file for persistent storage.
 
 
class for reading ldap connection from the config store.
 
Default crl mapper.
For publishing master or global CRL.
This class implements LDAP database.
Maps a Subject name to an entry in the LDAP server.
class for forming search filters for ldap searching from name=value components.
Maps a request to an entry in the LDAP server.
 
A class represents a filter converter that understands how to convert a attribute type from one defintion to another.
This class represents an Or expression of the form (var1 op val1 OR var2 op val2).
 
Default implementation of predicate parser.
A class represents a registry where all the schema (object classes and attribute) information is stored.
A resource bundle for ldap subsystem.
The publishing rule which associates a Publisher with a Mapper.
This object stores the values for IP, uid and group based on the cookie id in LDAP.
A class represents the database session.
This class represents an expression of the form , , , , , .
Maps a request to an entry in the LDAP server.
Interface for mapping a X509 certificate to a LDAP entry
 
 
This class represents a registered listener plugin.
A class represents a resource bundle for the listeners package.
 
 
 
 
 
A class representings an administration servlet for logging subsystem.
 
A log entry of LogFile
 
 
A log event listener which write logs to log files
A class represents certificate server logger implementation.
 
 
 
 
 
This class represents a registered logger plugin.
A class represents a log queue.
This is the fallback resource bundle for all log events.
 
A class represents a log subsystem.
A class represents ann attribute mapper that maps a Java Long object into LDAP attribute, and vice versa.
This class handles mail notification via SMTP.
 
 
ManualAuthentication is an enrollment policy that queues all requests for issuing agent's approval if no authentication is present.
class for parsing a DN pattern used to construct a ldap dn from request attributes and cert subject name.
This class represents a registered mapper plugin.
Class representing a LdapMapper.
 
Factors out common function of formatting internatinalized messages taking arguments and using java.util.ResourceBundle and java.text.MessageFormat mechanism.
A class representing a meta attribute defintion.
A class represents meta information.
A class represent mapper for metainfo attribute.
A class represents a modification.
A class represents a modification set.
 
RFC 2560:
A Template for decoding ResponseBytes.
A class represents an ordered list of name value pairs.
This is the base class for network clients.
 
 
No Map
This class provides a limited storage for nonces.
A class represents a resource bundle for the Mail Notification package
This class implements the certificate request input from TPS.
This class implements the certificate request input from TPS.
This class implements the output plugin that outputs DER for the issued certificate for token keys
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
This authentication does nothing but just returns an empty authToken.
 
 
A class represents ann attribute mapper that maps a Java object into LDAP attribute, and vice versa.
 
 
 
 
This class implements an OCSP command line interface.
 
This class implements an OCSP utility.
This publisher writes certificate and CRL into a directory.
 
 
RFC 2560:
A Template for decoding OCSPRequest.
RFC 2560:
A Template for decoding an OCSPResponse.
RFC 2560:
A Template for decoding an OCSPResponseStatus.
Process OCSP messages, According to RFC 2560 See http://www.ietf.org/rfc/rfc2560.txt
OCSP signing certificate.
 
 
This interface defines all the administration operations used in the administration protocol between the console and the server.
This class represents an Or expression of the form (var1 op val1 OR var2 op val2).
Certificate Server admin authentication.
Tool for interacting with the PWcache
This class checks the given password if it meets the specific requirements.
A class represents a resource bundle for the password checker.
 
http://brianoneill.blogspot.in/2011/11/patch-methods-on-jax-rs.html
This is a generic pattern subtitution engine.
 
This represnets a listener that removes pin from LDAP directory.
Generates an ECC or RSA key pair in the security database, constructs a PKCS#10 certificate request with the public key, and outputs the request to a file.
PKCS10Processor process Certificate Requests in PKCS10 format, as defined here: http://www.rsasecurity.com/rsalabs/pkcs/pkcs-10/index.html
 
 
 
 
 
 
 
 
 
 
Deprecated.
Replaced by PKCS12CertImportCLI.
 
 
 
 
 
 
 
Tool for creating PKCS12 file
Tool for exporting NSS database into PKCS #12 file
Tool for importing NSS database from PKCS #12 file
 
 
 
This class implements the output plugin that outputs PKCS12 response for the issued certificate for Server-side keygen enrollment.
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Process Certificate Requests
PKI Realm This realm provides an authentication service against PKI user database.
 
 
 
 
A class represents a PKIServer event.
A class represents a listener that listens to PKIServer event.
 
Base class for CMS RESTful resources
 
Uses HCL ssl socket.
 
 
 
This represents a generici CMS plugin.
The plugin information includes id, name, classname, and description.
This represents the registry subsystem that manages mulitple types of plugin information.
This class is an administration servlet for policy management.
 
This represents a constraint policy.
 
 
This represents a default policy that populates the request with additional values.
A (localizable) message recorded by a policy module that describes the reason for rejecting a request.
Default implementation of predicate parser.
This class defines results for policy actions.
Implements a policy set per IPolicySet interface.
uid/pwd directory based authentication manager
This servlet returns port information.
This interface defines all the prefix tags used in the administration protocol between the console and the server.
 
The PrettyPrintCert class is a utility program designed to "pretty print" a certificate.
The PrettyPrintCrl class is a utility program designed to "pretty print" a CRL.
This class will display the certificate content in predefined format.
Resource Boundle for the Pretty Print
 
Display Generic Request detail to the user.
This class implements a basic profile.
 
 
 
This interface represents an authenticator for profile.
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
This interface represents a input policy which provides information on how to create the end-user enrollment page.
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
This interface represents a output policy which provides information on how to build the result page for the enrollment.
 
 
This class represents a profile policy that contains a default policy and a constraint policy.
 
 
 
 
 
 
 
 
A class represents a internal subsystem.
A set of properties.
 
This class provides a mechanism to authenticate against the appropriate subsystem for the CLI command.
This is a servlet that proxies request to another servlet.
This class will display the certificate content in predefined format.
A class represents an attribute mapper that maps a public key data into LDAP attribute and vice versa.
 
 
 
This class represents a registered publisher plugin.
Controls the publishing process from the top level.
Class representing a proxy for a ILdapPublisher.
Publisher utility class.
 
 
 
 
The object to publish or unpublish: a certificate or a CRL
 
 
 
 
Show paged list of requests matching search criteria.
 
 
 
 
 
RA signing certificate
This represents raw JS parameters.
 
 
 
This servlet creates a TPS user in the CA, and it associates TPS's server certificate to the user.
This implements the administration servlet for registry subsystem.
Allow agent to turn on/off authentication managers
 
 
A class represents a replica repository.
A class represents a generic repository.
A class represents a repository record.
A class represents a collection of repository-specific schema information.
An email resolver that first checks the request email, if none, then follows by checking the subjectDN of the certificate
A class representing a request parser.
 
RFC 2560:
A Template for decoding Request.
Deprecated. 
 
The RequestId class represents the identifier for a particular request within a request queue.
A mapper between an request id object and its LDAP attribute representation
A job for the Jobs Scheduler.
 
 
 
The ARequestNotifier class implements the IRequestNotifier interface, which notifies all registered request listeners.
This class represents the request queue within the certificate server.
A request record is the stored version of a request.
TODO: what does this class provide beyond the Repository base class??
This class represents a request scheduler that prioritizes the threads based on the request processing order.
A mapper between an request state object and its LDAP attribute representation
The RequestStatus class represents the current state of a request in a request queue.
 
 
RequestSubsystem
 
 
Resend requests at intervals to the server to check if it's been completed.
 
RFC 2560:
RFC 2560:
RFC 2560:
A Template for decoding ResponseBytes.
RFC 2560:
A Template for decoding ResponseBytes.
This is a base class for some REST request/response messages.
 
 
 
 
 
A class represents a certificate revocation info.
A class represents a mapper to serialize revocation information into database.
RFC 2560:
A Template for decoding ResponseBytes.
 
A rotating log file for Certificate log events.
This class represents a registered Publishing Rule plugin.
The RunListeners class implements Runnable interface.
 
This interface defines all the operation scope used in the administration protocol between the console and the server.
 
 
 
 
 
Search for requests matching complex query filter.
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
This object stores the values for IP, uid and group based on the cookie id.
 
 
 
 
 
 
 
 
This class implements a single element in an ordered list of self test instances.
 
A class represents a resource bundle for Self Tests.
 
 
 
 
 
This class implements a container for self tests.
This class implements the serial number input for renewal
This class implements input for the Server-Side Keygen Enrollment
 
 
 
 
 
 
 
 
Utility class
Pull any existing auth token from the session context.
This class specifies the context object that includes authentication environment and connection information.
 
 
 
 
SharedSecret provides methods to retrieve shared secrets between users and the server.
RFC 2560:
A Template for decoding Request.
The log event object that carries message detail of a log event that goes into the Signed Audit Event log.
A log event object for handling system messages
A class represents certificate server logger implementation.
This class implements the key generation input that populates parameters to the enrollment page for key generation.
A class represents the signing unit which is capable of signing data.
This class represents an expression of the form var = val, var val, var val, var val, var val, var val.
The Properties class represents a persistent set of properties.
RFC 2560:
A Template for decoding ResponseBytes.
This class implements the SMTP client.
This exeception is thrown when unexpected results are returned during an SMTP session.
SSL server certificate
Certificate server SSL client authentication.
SSL client based authentication.
 
 
SSL server certificate
A statistics transaction.
A class represents a internal subsystem.
 
 
A class represents ann attribute mapper that maps a Java String object into LDAP attribute, and vice versa.
A class represents ann attribute mapper that maps a Java String object into LDAP attribute, and vice versa.
 
This plugin populates text fields to the enrollment page so that SAN parameters can be collected from the user.
This plugin accepts subject DN from end user.
This class implements the subject name input that populates text fields to the enrollment page so that distinguished name parameters can be collected from the user.
This class implements the submitter information input that collects certificate requestor's information such as name, email and phone.
Subsystem certificate.
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
This updater class will create the new user to the subsystem group and then add the subsystem certificate to the user.
 
 
A class represents a subsystem loader.
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
This class implements a self test to check the system certs of the subsystem
 
Notify of startup when systemd notification socket is available.
Displays detailed information about java VM internals, including current JVM memory usage, and detailed information about each thread.
This interface defines all the tasks used in the configuration protocol between the configuration wizard and the configuration daemon.
RFC 2560:
A Template for decoding TBSRequest.
Tool used to test out signing a CRL
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Token authentication.
 
 
 
 
 
 
 
 
Tool used to determine which external hardware tokens are visible to the Certificate System subsystem.
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
This class implements that basic intefaces of transfer protocols.
This class defines low-level LDAP usr/grp management usr/grp information is located remotely on another LDAP server.
 
uid/pwd directory based authentication manager
uid/pwd/pin directory based authentication manager
 
 
RFC 2560:
A Template for decoding ResponseBytes.
 
 
A class represents a user.
A class represents a user acls evaluator.
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
This class represents information about the client e.g.
 
 
 
 
 
 
 
 
A class represents a user-origreq user mapping acls evaluator.
uid/pwd directory based authentication manager
 
 
 
 
A class representing an administration servlet for User/Group Manager.
 
This object is used to easily create I18N messages for utility classes and standalone programs.
A class represents a resource bundle for miscellanous utilities
 
class storing verified certificate.
class storing verified certificates.
 
 
A class represents ann attribute mapper that maps a Java X500Name object into LDAP attribute, and vice versa.
Subsystem for configuring X500Name related things.
A class represents a mapper to serialize x509 certificate into database.
Deprecated, for removal: This API element is subject to removal in a future version.