All Classes and Interfaces
Class
Description
An abstract class represents an authorization manager that governs the
access of internal resources such as servlets.
A class represents an access control list (ACL).
Manage Access Control List configuration
A class represents an ACI entry of an access control list.
A class represents a resource bundle for the remote admin.
A class represents an administration servlet that
is responsible to serve administrative
operation such as configuration parameter updates.
The AgentApproval class contains the record of a
single agent approval.
A collection of AgentApproval objects.
Certificate server agent authentication.
This abstract class is a base job for real job extentions for the
Jobs Scheduler.
This class represents an expression of the form
.
The abstract policy rule that concrete implementations will
extend.
This class represents a set of indexed arguments.
This class represents a list of arguments
that will be returned to the end-user via
the template framework.
This class represents a set of arguments.
This class represents a string-based argument.
This class implements an individual self test.
Assertion exceptions are thrown when assertion code is invoked
and fails to operate properly.
A locking mechanism for loading or reloading an initially
unknown number of items.
The AtoB class is a utility program designed to "translate" an ASCII
BASE 64 encoded blob into a BINARY BASE 64 encoded blob.
AttributeNameHelper.
This class represents a collection of attribute
sets.
The log event object that carries message detail of a log event
that goes into the Transaction log.
A log event object for handling audit messages
Define audit log message format.
Tool for verifying signed audit logs
A class representing an administration servlet for the
Authentication Management subsystem.
Authentication Credentials as input to the authMgr.
Authentication Credentials as input to the authMgr
Authentication Credentials as input to the authMgr
Authentication Manager interface.
A class represents an authentication manager.
This class represents a registered authentication manager plugin.
Identifier for a CertificateAuthority.
Default authentication subsystem
Authentication token returned by Authentication Managers.
A class represents an authorization manager.
This class represents a registered authorization manager plugin.
Default authorization subsystem
Authorization token returned by Authorization Managers.
A class represents a resource bundle for the entire
system.
This class represents a basic subsystem.
A class for basic acls authorization manager
RFC 2560:
A Template for decoding
ResponseBytes
.A class represents ann attribute mapper that maps
a Java BigInteger object into LDAP attribute,
and vice versa.
The BtoA class is a utility program designed to "translate" a BINARY
BASE 64 encoded blob into an ASCII BASE 64 encoded blob.
A class represents ann attribute mapper that maps
a Java byte array object into LDAP attribute,
and vice versa.
Exception to throw when a (sub-)CA cannot perform an operation
because it is disabled.
Exception to throw when an operation cannot be performed because
the CA to which the operation pertains is enabled.
Exception to throw when a (sub-)CA's signing certificate is not
(yet) present in the local NSSDB.
Exception to throw when a (sub-)CA's signing key is not (yet)
present in the local NSSDB.
Exception to throw when a (sub-)CA cannot be found.
Exception to throw when an operation cannot be performed because
the CA to which the operation pertains is not a leaf CA (ie, has
sub-CAs).
A class represents a resource bundle for CA subsystem.
CA signing certificate.
Exception to throw when an operation cannot be completed
because the CA is the wrong type (e.g., an operation that
only applies to lightweight CAs).
Compares validity dates for use in sorting.
A class represents a collection of certificate record
specific schema information.
This interface defines a strategy on how to match
the incoming certificate(s) with the certificate(s)
in the scope.
The CertId class represents the identifier for a particular
cert record.
RFC 2560:
A Template for decoding a
CertID
.This base class provides methods to import CA signing cert or get certificate
request.
A classrepresents a certificate repository.
This class defines the strong authentication basic elements,
the X509 certificates.
This class implements the pretty print certificate output
that displays the issued certificate in a pretty print format.
This class will display the certificate content in predefined
format.
A class represents a serializable certificate record.
A class represents a list of certificate records.
This class implements the certificate request input.
RFC 2560:
Certificate server agent authentication.
This interface defines a certificate mapping strategy to locate
a user
Utility class with assorted methods to check for
smime pairs, determining the type of cert - signature
or encryption ..etc.
Challenge phrase based authentication.
Redirect a request to the Master.
Clone servlet - part of the Clone Authority (CLA)
processes Revoked certs from its dependant clone CAs
service request and return status.
UID/CMC authentication plug-in
This class implements the certificate request input.
Tool for signing PKCS #10 , return CMC enrollment request
Process CMC messages according to RFC 2797
See http://www.ietf.org/rfc/rfc2797.txt
Tool for creating CMC full request
Tool for parsing a CMC response
Tool for signing a CMC revocation request with an agent's certificate.
A command-line utility used to take a passphrase as an input and
generate an encrypted entry for ldap entry
This represents the CMS server.
A class representings an administration servlet.
This represents a Authority Information Access CRL extension.
This represents a certificate issuer extension.
This represents a CRL reason extension.
CMS extension class, for creating extensions from http input and
displaying extensions to html forms.
Loads extension classes from configuration file and return
for a given extension name or OID.
CMSFile represents a file from the filesystem cached in memory
CMSFileLoader - file cache.
This represents a freshest CRL extension.
This class is to hold some general method for servlets.
A class represents a resource bundle for cms gateway.
This represents a hold instruction extension.
This represents a invalidity date extension.
This represents a issuer alternative name extension.
This represents a issuing distribution point extension.
handy class containing cms templates to load and fill.
This represents a user request.
This is the base class of all CS servlet.
This servlet is started by the web server at startup, and
it starts the CMS framework.
File templates.
Holds template parameters
Command queue for registration and unregistration process for clean shutdown.
This interface contains constants that are used
in the protocol between the configuration daemon
and UI configuration wizard.
A class represents a in-memory configuration store.
Utility class for functions to be used by the RESTful installer.
Connector servlet
process requests from remote authority -
service request or return status.
This interface contains constants that are shared
by certificate server and its client SDK.
A class represents a credential.
A class represents a collection of schema information
for CRL.
A class represents a CRL issuing point record.
This class will display the certificate content in predefined
format.
A command-line utility used to generate a Certificate Request Message
Format (CRMF) request with proof of possesion (POP).
Process CRMF requests, according to RFC 2511
See http://www.ietf.org/rfc/rfc2511.txt
class representing one Job cron item
class representing one Job cron element
An abstract class defining the functionality to be provided by
sub classes to perform cryptographic operations.
This class implements in-memory database which is stored in CS.cfg.
This class implements in-memory database.
A class represents ann attribute mapper that maps
a Java Date array object into LDAP attribute,
and vice versa.
A class represents ann attribute mapper that maps
a Java Date object into LDAP attribute,
and vice versa.
A class represents an attribute mapper.
A class representing a dynamic attribute mapper.
A class represents a registry where all the
schema (object classes and attribute) information
is stored.
A class represents a resource bundle for DBS subsystem.
A class represents the search results.
An interface represents the database session.
A class represents the database subsystem that manages
the backend data storage.
A class represents ann attribute mapper that maps
a Java BigInteger object into LDAP attribute,
and vice versa.
A class represents a virtual list of search results.
This interface represents a property descriptor.
This interface defines all the operation destination
used in the administration protocol between the
console and the server.
A class for ldap acls based authorization manager
The ldap server used for acls is the cms internal ldap db.
'Face-to-face' certificate enrollment.
Abstract class for directory based authentication managers
Uses a pattern for formulating subject names.
For Face-to-face enrollment, disable EE enrollment feature
Servlet to report the status, ie, the agent-initiated user
enrollment is enabled or disabled.
This is the servlet that displays the html page for the corresponding input id.
class for parsing a DN pattern used to construct a certificate
subject name from ldap attributes and dn.
This class implements the dual key generation input.
Return some javascript to the request which contains the list of
dynamic data in the CMS system.
A class represents an acls exception.
This class represents authentication exceptions.
An exception for authentication internal error.
Exception for authentication manager not found.
Exception for authentication manager not found.
Exception for invalid attribute value
Exception for authorization failure
This class represents authorization exceptions.
An exception for internal error for authorization.
Exception for authorization manager not found.
Exception for authorization manager plugin not found.
Exception for operation unknown to the authorization manager
Exception for protected resource unknown to the authorization manager
An exception with localizable error messages.
A class represents a CA exception.
This represents a profile specific exception for handling
CMC badIdentity condition.
This represents a profile specific exception for handling
CMC badMessageCheck condition.
This represents a profile specific exception for handling
CMC badRequest condition.
This represents a profile specific exception for handling
CMC popFailed condition.
This represents a profile specific exception for handling
CMC popRequired condition.
This represents a profile specific exception for handling
CMC unsupportedExt condition.
A class represents a CMS gateway exception.
An exception for DN component syntax error.
This type of exception is thrown in cases where an parsing
error is found while evaluating a PKI component.
A class represents a database exception.
Indicates internal db is down.
Indicates internal db is down.
This represents a profile specific exception.
This class implements a duplicate self test exception.
A class represents a CA exception associated with publishing error.
This represents the extensions exception.
An exception for Error formulating the subject name (X500Name)
An exception for invalid credentials.
This class implements an invalid self test exception.
A class represents a jobs exception.
A class represents a KRA exception.
A class that represents a Ldap exception.
This represents exception which indicates Ldap server is down.
A class represents a listener exception.
This class implements a Log exception.
Exception for log not found.
Exception for log plugin not found.
formulates the final email.
Email resolver keys as input to email resolvers
Files to be processed and returned to the requested parties.
Exception for Publish Mapper not found.
Exception for Mapper Plugin not found.
Exception for missing a required authentication credential.
This class implements a missing self test exception.
For Face-to-face enrollment, enable EE enrollment feature
This class implements the key generation input that
populates parameters to the enrollment page for
key generation.
A class represents a notification exception.
This class implements the base enrollment input.
This class implements the basic enrollment output.
This class implements a generic enrollment profile.
A class represents a password checker exception.
This class represents Exceptions used by the policy package.
This represents a generic profile exception.
This is the base exception for property handling.
This class represents an exception thrown when a
property is not defined (empty string) the configuration store.
This class represents an exception thrown when a
property is not found in the configuration store.
Exception for Publisher not found.
Exception for Publisher Plugin not found.
This represents a registry exception.
This represents a profile specific exception.
Exception for Ldap Publishing Rule not found.
Exception for Publisher Rule plugin not found.
This class implements a self test exception.
A class represents a Identity exception.
This interface defines a strategy on how to match
the incoming certificate(s) with the certificate(s)
in the scope.
Maps dynamic data for the extData- prefix to and from the extData Hashtable
in RequestRecord.
Subclass of Hashtable returned by Request.getExtDataInHashtable.
Plugin which can return extended information to console
This represents the resources for extensions.
Authentication token that wraps an externally authenticated
principal to return.
This program joins a sequence of extensions together
so that the final output can be used in configuration
wizard for specifing extra extensions in default
certificates (i.e.
This class will display the certificate content in predefined
format.
This publisher writes certificate and CRL into
a directory.
FileConfigStorage:
Extends ConfigStore with methods to load/save from/to file for
persistent storage.
checks the filename and directory with the specified filter
checks with multiple "*".
This class implements the image
input that collects a picture.
This represents the authentication manager that authenticates
user against a file where id, and password are stored.
convenience class for policies use.
convenience class for policies use.
Class that can be used to form general names from configuration file.
This class implements a generic input.
This is a Generic policy processor.
Default error template filler
Generates a DER-encoded Extended Key Usage extension.
This program generates an issuer alternative name extension
in base-64 encoding.
default Pending template filler
default Service Pending template filler
This program generates an subject alternative name extension
in base-64 encoding.
default Success template filler
default Service Pending template filler
default Unauthorized template filler
default unexpected error template filler
Retrieve information about the number of OCSP requests the OCSP
has serviced
Retrieve information.
RFC 2560:
A Template for decoding
ResponseBytes
.A class represents a group.
A class represents a group acls evaluator.
The structure stores the information of which machine is enabled for
the agent-initiated user enrollment, and whom agents enable this feature,
and the value of the timeout.
Hash uid/pwd directory based authentication manager
This class implements a CMC Enroll client for testing.
basic http client.
Factory for getting HTTP Connections to a HTTPO server
Basic HTTP Message, excluding message body.
simple name/value pair message.
Basic HTTP Request.
encodes a request by serializing it.
Basic HTTP Response.
A class represents an evaluator.
A class represents an access control list (ACL).
A class represents an entry of access control list.
This interface defines the abstraction for the generic collection
of attributes indexed by string names.
This interface presents a generic argument value.
This interface defines the abstraction for the generic collection
of attributes indexed by string names.
An interface represents authentication credentials:
e.g.
An interface represents an authentication context.
Authority interface.
AuthToken interface.
Authorization Manager interface needs to be implemented by all
authorization managers.
An interface represents a Certificate Authority that is
responsible for certificate specific operations.
This interface represents a certificate pretty print
handler.
An interface representing a CRL extension plugin.
An interface representing a list of CRL extensions.
This interface represents a template filler.
This interface provides a standard way to describe
a set of configuration parameters and its associated syntax.
This interface represents a connector that forwards
CMS requests to a remote authority.
An interface that defines abilities of
a CRL issuing point record.
This interface represents a CRL pretty print handler.
Interface for handling cross certs
This interface represents the cryptographics subsystem
that provides all the security related functions.
this class represents the callback interface between
the client package and the data storage object (data model)
An interface represents a database object
that is serializable.
A class represents the search results.
A interface represents a virtual list of search results.
This interface represents a property descriptor.
Processor handles object read from the session.
formulates the final email.
An email resolver that first checks the request email, if none,
then follows by checking the subjectDN of the certificate
An interface represents email resolver (ordered) keys for resolving
emails
e.g.
Files to be processed and returned to the requested parties.
An interface represents a encryption unit.
Interface for an enrollment policy rule.
Interface for a policy expression.
Plugin which can return extended information to console
This class will display the certificate content in predefined
format.
An interface represents a filter converter
that understands how to convert a attribute
type from one defintion to another.
Class that can be used to form general names from configuration file.
Class that can be used to form general names from configuration file.
Class that can be used to form general names from configuration file.
Class that can be used to form general names from configuration file.
Class that can be used to form general names from configuration file.
This represents a HTTP connection to a remote authority.
This represents a Http PKI message.
An interface to be implemented from for a job to be scheduled by
the Jobs Scheduler.
class representing one Job cron information
Interface for a key recovery policy rule.
An interface contains constants for key record.
A class represents a list of key records.
An interface represents key recovery authority.
Interface for a key recovery policy rule.
An interface represents a Key repository.
An interface representing a recovery service.
Interface for mapping a X509 certificate to a LDAP entry.
Maintains a pool of connections to the LDAP server.
Class on behalf of the Publishing system that controls an instance of an ILdapConnFactory.
Interface for mapping a CRL to a LDAP entry.
Interface for a Ldap predicate expression.
Interface for mapping a X509 certificate to a LDAP entry.
Interface for any Ldap plugin.
Interface for any ldap plugin.
Interface for publishing certificate or crl to database store.
An interface which all loggable events must implement.
An interface represents a log event factory.
An interface represents a log event listener.
An interface represents a logger for certificate server.
An interface that represents a logging component.
This class implements the image
input that collects a picture.
This class handles mail notification via SMTP.
This is the servlet that builds the index page in
various ports.
A class represents a certificate server kernel.
The INotify interface defines operations that are invoked
when a request is completely processed.
A class represents ann attribute mapper that maps
a Java Integer object into LDAP attribute,
and vice versa.
This class represents the primary interface for the Online Certificate
Status Protocol (OCSP) server.
This class represents the servlet that serves the Online Certificate
Status Protocol (OCSP) requests.
A class represents a IP address acls evaluator.
Password quality checker interface.
Messages that are serialized and go over the wire.
This represents the request parser.
This interface represents a plugin instance.
The plugin information includes name,
class name, and description.
Interface to a policy.
Interface for policy predicate parsers.
A generic interface for a policy processor.
Interface for a policy rule.
Represents a set of policy rules.
This class will display the certificate content in predefined
format.
This interface represents an updater that will be
called when the request's state changes.
An interface represents a proof of archival.
This represents raw JS parameters.
This represents a remote authority that can be
a certificate manager, or key recovery manager or
some other manager.
IRemoteRequest is the interface class for the remote
requests and responses
Interface for a renewal policy rule.
An interface represents a generic repository.
An interface represents a generic repository record.
An interface representing a request parser which
converts Java request object into name value
pairs and vice versa.
This represents a rquest encoder that serializes and
deserializes a request to a Remote Authority so that it can be sent through
the connector.
An interface providing a list of RequestIds that match
some criteria.
An interface that defines abilities of request listener,
IRequestNotifier interface defines methods to register listeners,
This is an interface to a request scheduler that prioritizes
the threads based on the request processing order.
This interface defines access to request virtual list.
Resend requests at intervals to the server to ensure completion of requests.
Interface for a revocation policy rule.
This interface defines the abstraction for the cookie table.
This class defines the interface of an individual self test.
This class defines the interface of a container for self tests.
This interface defines how requests are serviced.
Shared Token interface.
This interface represents an object that captures the
SSL client certificate in a SSL session.
Exception to throw during CA creation when requested CA
(issuer DN) already exists.
A class represents a internal subsystem.
An interface represents a storage key unit.
Class that can be used to form general names from configuration file.
An interface represents a CMS subsystem.
An interface represents a Registration Authority that is
responsible for certificate enrollment operations.
An interface represents a generic token unit.
An interface represents the transport key pair.
Interface for a publisher that has the capability of publishing
cross certs
A class to retrieve passwords through a modal Java dialog box
class representing one Job cron information
This class represents a job plugin registered with the
JobScheduler.
A class representing an administration servlet for the
Jobs Scheduler and it's scheduled jobs.
A class represents a resource bundle for the
Jobs package
This is a daemon thread that handles scheduled jobs like cron would
do with different jobs.
Implement this interface to provide default methods to serialize an object to/from JSON
Uses NSS ssl socket.
Subsystem for initializing JSS
Represents a Key stored in the DRM.
This class represents a container for storaging
data in the security package.
This class provides all the base methods to generate the key for different
kinds of certificates.
A class represents a collection of key record
specific schema information.
Class to define the common attributes and methods used by
SymKeyGenerationRequest and AsymKeyGenerationRequest
The
KeyGenInfo
represents the information generated by
the KeyGen tag of the HTML forms.This class implements the key generation input that
populates parameters to the enrollment page for
key generation.
KeyGenProcess parses Certificate request matching the
KEYGEN tag format used by Netscape Communicator 4.x
RFC 2560:
A Template for decoding
ResponseBytes
.The KeyId class represents the identifier for a particular
key record.
A class represents a Key record.
A class represents a list of key records.
Output a 'pretty print' of a Key Archival record
A class represents key state.
A class represents a key state mapper.
A class represents a resource bundle for KRA subsystem.
The KRATool class is a utility program designed to operate on an LDIF file
to perform one or more of the following tasks:
KRA transport certificate
This class represents an expression of the form
.
A LDAP connection that is bound to a server host, port and secure type.
Factory for getting LDAP Connections to a LDAP server
each connection is a seperate thread that can be bound to a different
authentication dn and password.
class for reading ldap authentication info from config store
A LDAP connection that is bound to a server host, port, secure type.
Factory for getting LDAP Connections to a LDAP server with the same
LDAP authentication.
Interface for publishing a CA certificate to
Maps a request to an entry in the LDAP server.
Maps a X509 certificate to a LDAP entry using AVAs in the certificate's
subject name to form the ldap search dn and filter.
Maps a X509 certificate to a LDAP entry by using the subject name
of the certificate as the LDAP entry DN.
module for publishing a cross certificate pair to ldap
crossCertificatePair attribute
Class that represents the result of a Ldap Mapping operation.
Maps a X509 certificate to a LDAP entry by finding an LDAP entry
which has an attribute whose contents are equal to the cert subject name.
Interface for mapping a X509 certificate to a LDAP entry
Publishes a certificate as binary and its subject name.
LDAPConfigStorage:
Extends ConfigStore with methods to load/save from/to file for
persistent storage.
class for reading ldap connection from the config store.
Default crl mapper.
For publishing master or global CRL.
This class implements LDAP database.
Maps a Subject name to an entry in the LDAP server.
class for forming search filters for ldap searching from
name=value components.
Maps a request to an entry in the LDAP server.
A class represents a filter converter
that understands how to convert a attribute
type from one defintion to another.
This class represents an Or expression of the form
(var1 op val1 OR var2 op val2).
Default implementation of predicate parser.
A class represents a registry where all the
schema (object classes and attribute) information
is stored.
A resource bundle for ldap subsystem.
The publishing rule which associates a Publisher with a Mapper.
This object stores the values for IP, uid and group based on the cookie id in LDAP.
A class represents the database session.
This class represents an expression of the form ,
, , , , .
Maps a request to an entry in the LDAP server.
Interface for mapping a X509 certificate to a LDAP entry
This class represents a registered listener plugin.
A class represents a resource bundle for the
listeners package.
A class representings an administration servlet for logging
subsystem.
A log entry of LogFile
A log event listener which write logs to log files
A class represents certificate server logger
implementation.
This class represents a registered logger plugin.
A class represents a log queue.
This is the fallback resource bundle for all log events.
A class represents a log subsystem.
A class represents ann attribute mapper that maps
a Java Long object into LDAP attribute,
and vice versa.
This class handles mail notification via SMTP.
ManualAuthentication is an enrollment policy that queues
all requests for issuing agent's approval if no authentication
is present.
class for parsing a DN pattern used to construct a ldap dn from
request attributes and cert subject name.
This class represents a registered mapper plugin.
Class representing a LdapMapper.
Factors out common function of formatting internatinalized
messages taking arguments and using java.util.ResourceBundle
and java.text.MessageFormat mechanism.
A class representing a meta attribute defintion.
A class represents meta information.
A class represent mapper for metainfo attribute.
A class represents a modification.
A class represents a modification set.
RFC 2560:
A Template for decoding
ResponseBytes
.A class represents an ordered list of name
value pairs.
This is the base class for network clients.
No Map
This class provides a limited storage for nonces.
A class represents a resource bundle for the
Mail Notification package
This class implements the certificate request input from TPS.
This class implements the certificate request input from TPS.
This class implements the output plugin that outputs
DER for the issued certificate for token keys
This authentication does nothing but just returns an empty authToken.
A class represents ann attribute mapper that maps
a Java object into LDAP attribute,
and vice versa.
This class implements an OCSP command line interface.
This class implements an OCSP utility.
This publisher writes certificate and CRL into
a directory.
RFC 2560:
A Template for decoding OCSPRequest.
RFC 2560:
A Template for decoding an
OCSPResponse
.RFC 2560:
A Template for decoding an
OCSPResponseStatus
.Process OCSP messages, According to RFC 2560
See http://www.ietf.org/rfc/rfc2560.txt
OCSP signing certificate.
This interface defines all the administration operations
used in the administration protocol between the console
and the server.
This class represents an Or expression of the form
(var1 op val1 OR var2 op val2).
Certificate Server admin authentication.
Tool for interacting with the PWcache
This class checks the given password if it meets the specific requirements.
A class represents a resource bundle for the password checker.
http://brianoneill.blogspot.in/2011/11/patch-methods-on-jax-rs.html
This is a generic pattern subtitution engine.
This represnets a listener that removes pin from LDAP directory.
Generates an ECC or RSA key pair in the security database, constructs a
PKCS#10 certificate request with the public key, and outputs the request
to a file.
PKCS10Processor process Certificate Requests in
PKCS10 format, as defined here:
http://www.rsasecurity.com/rsalabs/pkcs/pkcs-10/index.html
Deprecated.
Replaced by PKCS12CertImportCLI.
Tool for creating PKCS12 file
Tool for exporting NSS database into PKCS #12 file
Tool for importing NSS database from PKCS #12 file
This class implements the output plugin that outputs
PKCS12 response for the issued certificate for Server-side keygen enrollment.
Process Certificate Requests
PKI Realm
This realm provides an authentication service against PKI user database.
A class represents a PKIServer event.
A class represents a listener that listens to
PKIServer event.
Base class for CMS RESTful resources
Uses HCL ssl socket.
This represents a generici CMS plugin.
The plugin information includes id, name,
classname, and description.
This represents the registry subsystem that manages
mulitple types of plugin information.
This class is an administration servlet for policy management.
This represents a constraint policy.
This represents a default policy that populates
the request with additional values.
A (localizable) message recorded by a policy module that describes
the reason for rejecting a request.
Default implementation of predicate parser.
This class defines results for policy actions.
Implements a policy set per IPolicySet interface.
uid/pwd directory based authentication manager
This servlet returns port information.
This interface defines all the prefix tags
used in the administration protocol between
the console and the server.
The PrettyPrintCert class is a utility program designed to "pretty print"
a certificate.
The PrettyPrintCrl class is a utility program designed to "pretty print"
a CRL.
This class will display the certificate content in predefined
format.
Resource Boundle for the Pretty Print
Display Generic Request detail to the user.
This class implements a basic profile.
This interface represents an authenticator for profile.
This interface represents a input policy which
provides information on how to create the
end-user enrollment page.
This interface represents a output policy which
provides information on how to build the result
page for the enrollment.
This class represents a profile policy that
contains a default policy and a constraint
policy.
A class represents a internal subsystem.
A set of properties.
This class provides a mechanism to authenticate against
the appropriate subsystem for the CLI command.
This is a servlet that proxies request to another servlet.
This class will display the certificate content in predefined
format.
A class represents an attribute mapper that maps
a public key data into LDAP attribute and
vice versa.
This class represents a registered publisher plugin.
Controls the publishing process from the top level.
Class representing a proxy for a ILdapPublisher.
Publisher utility class.
The object to publish or unpublish: a certificate or a CRL
Show paged list of requests matching search criteria.
RA signing certificate
This represents raw JS parameters.
This servlet creates a TPS user in the CA,
and it associates TPS's server certificate to
the user.
This implements the administration servlet for registry subsystem.
Allow agent to turn on/off authentication managers
A class represents a replica repository.
A class represents a generic repository.
A class represents a repository record.
A class represents a collection of repository-specific
schema information.
An email resolver that first checks the request email, if none,
then follows by checking the subjectDN of the certificate
A class representing a request parser.
RFC 2560:
A Template for decoding Request.
Deprecated.
The RequestId class represents the identifier for a particular
request within a request queue.
A mapper between an request id object and
its LDAP attribute representation
A job for the Jobs Scheduler.
The ARequestNotifier class implements the IRequestNotifier interface,
which notifies all registered request listeners.
This class represents the request queue within the
certificate server.
A request record is the stored version of a request.
TODO: what does this class provide beyond the Repository
base class??
This class represents a request scheduler that prioritizes
the threads based on the request processing order.
A mapper between an request state object and
its LDAP attribute representation
The RequestStatus class represents the current state of a request
in a request queue.
RequestSubsystem
Resend requests at intervals to the server to check if it's been completed.
RFC 2560:
RFC 2560:
RFC 2560:
A Template for decoding
ResponseBytes
.RFC 2560:
A Template for decoding
ResponseBytes
.This is a base class for some REST request/response messages.
A class represents a certificate revocation info.
A class represents a mapper to serialize
revocation information into database.
RFC 2560:
A Template for decoding
ResponseBytes
.A rotating log file for Certificate log events.
This class represents a registered Publishing Rule plugin.
The RunListeners class implements Runnable interface.
This interface defines all the operation scope
used in the administration protocol between the
console and the server.
Search for requests matching complex query filter.
This object stores the values for IP, uid and group based on the cookie id.
This class implements a single element in
an ordered list of self test instances.
A class represents a resource bundle for Self Tests.
This class implements a container for self tests.
This class implements the serial number input
for renewal
This class implements input for the Server-Side Keygen Enrollment
Utility class
Pull any existing auth token from the session context.
This class specifies the context object that includes
authentication environment and connection information.
SharedSecret provides methods to retrieve shared secrets between users and
the server.
RFC 2560:
A Template for decoding Request.
The log event object that carries message detail of a log event
that goes into the Signed Audit Event log.
A log event object for handling system messages
A class represents certificate server logger
implementation.
This class implements the key generation input that
populates parameters to the enrollment page for
key generation.
A class represents the signing unit which is
capable of signing data.
This class represents an expression of the form var = val,
var val, var val, var val, var val, var val.
The
Properties
class represents a persistent set of
properties.RFC 2560:
A Template for decoding
ResponseBytes
.This class implements the SMTP client.
This exeception is thrown when unexpected results are returned during
an SMTP session.
SSL server certificate
Certificate server SSL client authentication.
SSL client based authentication.
SSL server certificate
A statistics transaction.
A class represents a internal subsystem.
A class represents ann attribute mapper that maps
a Java String object into LDAP attribute,
and vice versa.
A class represents ann attribute mapper that maps
a Java String object into LDAP attribute,
and vice versa.
This plugin populates text fields to the enrollment
page so that SAN parameters
can be collected from the user.
This plugin accepts subject DN from end user.
This class implements the subject name input
that populates text fields to the enrollment
page so that distinguished name parameters
can be collected from the user.
This class implements the submitter information
input that collects certificate requestor's
information such as name, email and phone.
Subsystem certificate.
This updater class will create the new user to the subsystem group and
then add the subsystem certificate to the user.
A class represents a subsystem loader.
This class implements a self test to check the system certs
of the subsystem
Notify of startup when systemd notification socket is available.
Displays detailed information about java VM internals, including
current JVM memory usage, and detailed information about each
thread.
This interface defines all the tasks used in
the configuration protocol between the
configuration wizard and the configuration
daemon.
RFC 2560:
A Template for decoding TBSRequest.
Tool used to test out signing a CRL
Token authentication.
Tool used to determine which external hardware tokens are visible to the
Certificate System subsystem.
This class implements that basic intefaces of transfer protocols.
This class defines low-level LDAP usr/grp management
usr/grp information is located remotely on another
LDAP server.
uid/pwd directory based authentication manager
uid/pwd/pin directory based authentication manager
RFC 2560:
A Template for decoding
ResponseBytes
.A class represents a user.
A class represents a user acls evaluator.
This class represents information about the client e.g.
A class represents a user-origreq user mapping acls evaluator.
uid/pwd directory based authentication manager
A class representing an administration servlet for
User/Group Manager.
This object is used to easily create I18N messages for utility
classes and standalone programs.
A class represents a resource bundle for miscellanous utilities
class storing verified certificate.
class storing verified certificates.
A class represents ann attribute mapper that maps
a Java X500Name object into LDAP attribute,
and vice versa.
Subsystem for configuring X500Name related things.
A class represents a mapper to serialize
x509 certificate into database.
Deprecated, for removal: This API element is subject to removal in a future version.