Package com.netscape.certsrv.dbs.certdb
Interface ICertificateRepository
-
- All Superinterfaces:
IRepository
public interface ICertificateRepository extends IRepository
An interface represents a CMS certificate repository. It stores all the issued certificate.- Version:
- $Revision$, $Date$
-
-
Field Summary
Fields Modifier and Type Field Description static int
ALL_CERTS
static int
ALL_UNREVOKED_CERTS
static int
ALL_VALID_CERTS
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description void
addCertificateRecord(ICertRecord record)
Adds a certificate record to the repository.boolean
containsCertificate(java.math.BigInteger serialNo)
Checks if the certificate exists in this repository.ICertRecord
createCertRecord(java.math.BigInteger id, java.security.cert.Certificate cert, MetaInfo meta)
Creates certificate record.void
deleteCertificateRecord(java.math.BigInteger serialNo)
Deletes certificate from this repository.java.util.Enumeration<X509CertImpl>
findCertificates(java.lang.String filter)
Finds all certificates given a filter.java.util.Enumeration<ICertRecord>
findCertRecords(java.lang.String filter)
Finds all certificate records given a filter.ICertRecordList
findCertRecordsInList(java.lang.String filter, java.lang.String[] attrs, int pageSize)
Finds a list of certificate records that satisifies the filter.ICertRecordList
findCertRecordsInList(java.lang.String filter, java.lang.String[] attrs, java.lang.String jumpTo, boolean hardJumpTo, java.lang.String sortKey, int pageSize)
ICertRecordList
findCertRecordsInList(java.lang.String filter, java.lang.String[] attrs, java.lang.String sortKey, int pageSize)
Finds a list of certificate records that satisifies the filter.ICertRecordList
findCertRecordsInList(java.lang.String filter, java.lang.String[] attrs, java.lang.String jumpTo, java.lang.String sortKey, int pageSize)
Finds a list of certificate records that satisifies the filter.ICertRecordList
findCertRecordsInListRawJumpto(java.lang.String filter, java.lang.String[] attrs, java.lang.String jumpTo, java.lang.String sortKey, int pageSize)
Finds a list of certificate records that satisifies the filter.java.util.Enumeration<java.lang.Object>
findCertRecs(java.lang.String filter)
Finds certificate records.java.util.Enumeration<ICertRecord>
getAllRevokedCertificates()
Retrieves all revoked certificates including ones that have expired or that are not yet valid.java.util.Enumeration<ICertRecord>
getAllRevokedNonExpiredCertificates()
Retrieves all revoked but not expired certificates.boolean
getEnableRandomSerialNumbers()
Retrieves serial number management mode.java.util.Enumeration<ICertRecord>
getExpiredCertificates(java.lang.String from, java.lang.String to)
Retrieves expired certificates.java.util.Enumeration<ICertRecord>
getExpiredPublishedCertificates(java.lang.String from, java.lang.String to)
Retrieves expired and published certificates.ICertRecordList
getInvalidCertsByNotBeforeDate(java.util.Date date, int pageSize)
Gets Invalid certs orderes by noAfter date, jumps to records where notAfter date is greater than current.void
getModifications(netscape.ldap.LDAPEntry entry)
Retrieves modified certificate records.java.math.BigInteger
getNextSerialNumber()
Retrieves the next certificate serial number, and also increases the serial number by one.java.util.Hashtable<java.lang.String,RenewableCertificateCollection>
getRenewableCertificates(java.lang.String renewalTime)
Retrieves renewable certificates.java.util.Enumeration<ICertRecord>
getRevokedCertificates(java.lang.String from, java.lang.String to)
Retrieves revoked certificates.java.util.Enumeration<ICertRecord>
getRevokedCertificates(java.util.Date asOfDate)
Retrieves all the revoked certificates that have not expired.ICertRecordList
getRevokedCertsByNotAfterDate(java.util.Date date, int pageSize)
Gets Revoked certs orderes by noAfter date, jumps to records where notAfter date is greater than current.java.util.Enumeration<ICertRecord>
getRevokedPublishedCertificates(java.lang.String from, java.lang.String to)
Retrieves revoked and published certificates.java.util.Enumeration<ICertRecord>
getValidCertificates(java.lang.String from, java.lang.String to)
Retrieves valid certificates.ICertRecordList
getValidCertsByNotAfterDate(java.util.Date date, int pageSize)
Gets valid certs orderes by noAfter date, jumps to records where notAfter date is greater than current.java.util.Enumeration<ICertRecord>
getValidNotPublishedCertificates(java.lang.String from, java.lang.String to)
Retrieves valid and not published certificates.X509CertImpl
getX509Certificate(java.math.BigInteger serialNo)
Reads the certificate identified by the given serial no.X509CertImpl[]
getX509Certificates(java.lang.String subjectDN, int validityType)
Gets all valid and unexpired certificates pertaining to a subject DN.void
markAsRevoked(java.math.BigInteger id, IRevocationInfo info)
Marks certificate as revoked.void
markAsRevoked(java.math.BigInteger id, IRevocationInfo info, boolean isAlreadyOnHold)
Marks certificate as revoked.void
markCertificateAsNotRenewable(ICertRecord record)
Marks certificate as not renewable.void
markCertificateAsRenewable(ICertRecord record)
Marks certificate as renewable.void
markCertificateAsRenewalNotified(java.lang.String serialNo)
Marks certificate as renewed and notified.void
markCertificateAsRenewed(java.lang.String serialNo)
Marks certificate as renewed.void
modifyCertificateRecord(java.math.BigInteger serialNo, ModificationSet mods)
Modifies certificate record.ICertRecord
readCertificateRecord(java.math.BigInteger serialNo)
Reads certificate from repository.void
removeCertRecords(java.math.BigInteger beginS, java.math.BigInteger endS)
Removes certificate records with this repository.java.util.Enumeration<java.lang.Object>
searchCertificates(java.lang.String filter, int maxSize)
Finds a list of certificate records that satisifies the filter.java.util.Enumeration<ICertRecord>
searchCertificates(java.lang.String filter, int maxSize, int timeLimit)
Finds a list of certificate records that satisifies the filter.java.util.Enumeration<ICertRecord>
searchCertificates(java.lang.String filter, int maxSize, int timeLimit, java.lang.String sortAttribute)
Finds a list of certificate records that satisifies the filter.java.util.Enumeration<java.lang.Object>
searchCertificates(java.lang.String filter, int maxSize, java.lang.String sortAttribute)
Finds a list of certificate records that satisifies the filter.void
setCertStatusUpdateInterval(IRepository requestRepo, int interval, boolean listenToCloneModifications)
Sets certificate status update internalvoid
setEnableRandomSerialNumbers(boolean random, boolean updateMode, boolean forceModeChange)
Sets serial number management mode for certificates..void
shutdown()
void
unmarkRevoked(java.math.BigInteger id, IRevocationInfo info, java.util.Date revokedOn, java.lang.String revokedBy)
Unmark a revoked certificates.void
updateCertStatus()
Updates certificate status now.void
updateStatus(java.math.BigInteger id, java.lang.String status)
Updates certificate status.-
Methods inherited from interface com.netscape.certsrv.dbs.repository.IRepository
checkRanges, peekNextSerialNumber, resetSerialNumber, setEnableSerialMgmt, setMaxSerial, setNextMaxSerial
-
-
-
-
Field Detail
-
ALL_CERTS
static final int ALL_CERTS
- See Also:
- Constant Field Values
-
ALL_VALID_CERTS
static final int ALL_VALID_CERTS
- See Also:
- Constant Field Values
-
ALL_UNREVOKED_CERTS
static final int ALL_UNREVOKED_CERTS
- See Also:
- Constant Field Values
-
-
Method Detail
-
getNextSerialNumber
java.math.BigInteger getNextSerialNumber() throws EBaseException
Retrieves the next certificate serial number, and also increases the serial number by one.- Specified by:
getNextSerialNumber
in interfaceIRepository
- Returns:
- serial number
- Throws:
EBaseException
- failed to retrieve next serial number
-
addCertificateRecord
void addCertificateRecord(ICertRecord record) throws EBaseException
Adds a certificate record to the repository. Each certificate record contains four parts: certificate, meta-attributes, issue information and reovcation information.- Parameters:
record
- X.509 certificate- Throws:
EBaseException
- failed to add new certificate to the repository
-
getX509Certificate
X509CertImpl getX509Certificate(java.math.BigInteger serialNo) throws EBaseException
Reads the certificate identified by the given serial no.- Parameters:
serialNo
- serial number of certificate- Returns:
- certificate
- Throws:
EBaseException
- failed to retrieve certificate
-
readCertificateRecord
ICertRecord readCertificateRecord(java.math.BigInteger serialNo) throws EBaseException
Reads certificate from repository.- Parameters:
serialNo
- serial number of certificate- Returns:
- certificate record
- Throws:
EBaseException
- failed to retrieve certificate
-
setCertStatusUpdateInterval
void setCertStatusUpdateInterval(IRepository requestRepo, int interval, boolean listenToCloneModifications)
Sets certificate status update internal- Parameters:
requestRepo
- request repositoryinterval
- update intervallistenToCloneModifications
- enable listening to clone modifications
-
updateCertStatus
void updateCertStatus() throws EBaseException
Updates certificate status now. This is a blocking method.- Throws:
EBaseException
- failed to update
-
modifyCertificateRecord
void modifyCertificateRecord(java.math.BigInteger serialNo, ModificationSet mods) throws EBaseException
Modifies certificate record.- Parameters:
serialNo
- serial number of recordmods
- modifications- Throws:
EBaseException
- failed to modify
-
containsCertificate
boolean containsCertificate(java.math.BigInteger serialNo) throws EBaseException
Checks if the certificate exists in this repository.- Parameters:
serialNo
- serial number of certificate- Returns:
- true if it exists
- Throws:
EBaseException
- failed to check
-
deleteCertificateRecord
void deleteCertificateRecord(java.math.BigInteger serialNo) throws EBaseException
Deletes certificate from this repository.- Parameters:
serialNo
- serial number of certificate- Throws:
EBaseException
- failed to delete
-
markAsRevoked
void markAsRevoked(java.math.BigInteger id, IRevocationInfo info) throws EBaseException
Marks certificate as revoked.- Parameters:
id
- serial numberinfo
- revocation information- Throws:
EBaseException
- failed to mark
-
markAsRevoked
void markAsRevoked(java.math.BigInteger id, IRevocationInfo info, boolean isAlreadyOnHold) throws EBaseException
Marks certificate as revoked.- Parameters:
id
- serial numberinfo
- revocation informationisAlreadyOnHold
- boolean to indicate if the cert was revoked onHold- Throws:
EBaseException
- failed to mark
-
updateStatus
void updateStatus(java.math.BigInteger id, java.lang.String status) throws EBaseException
Updates certificate status.- Parameters:
id
- serial numberstatus
- certificate status- Throws:
EBaseException
- failed to update status
-
markCertificateAsRenewable
void markCertificateAsRenewable(ICertRecord record) throws EBaseException
Marks certificate as renewable.- Parameters:
record
- certificate record to modify- Throws:
EBaseException
- failed to update
-
markCertificateAsNotRenewable
void markCertificateAsNotRenewable(ICertRecord record) throws EBaseException
Marks certificate as not renewable.- Parameters:
record
- certificate record to modify- Throws:
EBaseException
- failed to update
-
markCertificateAsRenewed
void markCertificateAsRenewed(java.lang.String serialNo) throws EBaseException
Marks certificate as renewed.- Parameters:
serialNo
- certificate record to modify- Throws:
EBaseException
- failed to update
-
markCertificateAsRenewalNotified
void markCertificateAsRenewalNotified(java.lang.String serialNo) throws EBaseException
Marks certificate as renewed and notified.- Parameters:
serialNo
- certificate record to modify- Throws:
EBaseException
- failed to update
-
searchCertificates
java.util.Enumeration<java.lang.Object> searchCertificates(java.lang.String filter, int maxSize) throws EBaseException
Finds a list of certificate records that satisifies the filter. Here is a list of filter attribute can be used:certRecordId certMetaInfo certStatus certCreateTime certModifyTime x509Cert.notBefore x509Cert.notAfter x509Cert.subject
The filter should follow RFC1558 LDAP filter syntax. For example,(&(certRecordId=5)(x509Cert.notBefore=934398398))
- Parameters:
filter
- search filtermaxSize
- max size to return- Returns:
- a list of certificates
- Throws:
EBaseException
- failed to search
-
searchCertificates
java.util.Enumeration<ICertRecord> searchCertificates(java.lang.String filter, int maxSize, int timeLimit) throws EBaseException
Finds a list of certificate records that satisifies the filter.- Parameters:
filter
- search filtermaxSize
- max size to returntimeLimit
- timeout value- Returns:
- a list of certificates
- Throws:
EBaseException
- failed to search
-
searchCertificates
java.util.Enumeration<ICertRecord> searchCertificates(java.lang.String filter, int maxSize, int timeLimit, java.lang.String sortAttribute) throws EBaseException
Finds a list of certificate records that satisifies the filter.- Parameters:
filter
- search filtermaxSize
- max size to returntimeLimit
- timeout valuesortAttribute
- Attribute of ICertRecord to sort the results- Returns:
- a list of certificates
- Throws:
EBaseException
- failed to search
-
searchCertificates
java.util.Enumeration<java.lang.Object> searchCertificates(java.lang.String filter, int maxSize, java.lang.String sortAttribute) throws EBaseException
Finds a list of certificate records that satisifies the filter.- Parameters:
filter
- search filtermaxSize
- max size to returnsortAttribute
- Attribute of ICertRecord to sort the results- Returns:
- a list of certificates
- Throws:
EBaseException
- failed to search
-
findCertRecordsInList
ICertRecordList findCertRecordsInList(java.lang.String filter, java.lang.String[] attrs, int pageSize) throws EBaseException
Finds a list of certificate records that satisifies the filter.- Parameters:
filter
- search filterattrs
- selected attributepageSize
- page size- Returns:
- a list of certificates
- Throws:
EBaseException
- failed to search
-
findCertRecordsInList
ICertRecordList findCertRecordsInList(java.lang.String filter, java.lang.String[] attrs, java.lang.String sortKey, int pageSize) throws EBaseException
Finds a list of certificate records that satisifies the filter.- Parameters:
filter
- search filterattrs
- selected attributesortKey
- key to use for sorting the returned elementspageSize
- page size- Returns:
- a list of certificates
- Throws:
EBaseException
- failed to search
-
findCertRecordsInList
ICertRecordList findCertRecordsInList(java.lang.String filter, java.lang.String[] attrs, java.lang.String jumpTo, java.lang.String sortKey, int pageSize) throws EBaseException
Finds a list of certificate records that satisifies the filter.- Parameters:
filter
- search filterattrs
- selected attributejumpTo
- jump to indexsortKey
- key to use for sorting the returned elementspageSize
- page size- Returns:
- a list of certificates
- Throws:
EBaseException
- failed to search
-
findCertRecordsInList
ICertRecordList findCertRecordsInList(java.lang.String filter, java.lang.String[] attrs, java.lang.String jumpTo, boolean hardJumpTo, java.lang.String sortKey, int pageSize) throws EBaseException
- Throws:
EBaseException
-
findCertRecordsInListRawJumpto
ICertRecordList findCertRecordsInListRawJumpto(java.lang.String filter, java.lang.String[] attrs, java.lang.String jumpTo, java.lang.String sortKey, int pageSize) throws EBaseException
Finds a list of certificate records that satisifies the filter.- Parameters:
filter
- search filterattrs
- selected attributejumpTo
- jump to indexsortKey
- key to use for sorting the returned elementspageSize
- page size- Returns:
- a list of certificates
- Throws:
EBaseException
- failed to search
-
getX509Certificates
X509CertImpl[] getX509Certificates(java.lang.String subjectDN, int validityType) throws EBaseException
Gets all valid and unexpired certificates pertaining to a subject DN.- Parameters:
subjectDN
- The distinguished name of the subject.validityType
- The type of certificatese to retrieve.- Returns:
- An array of certificates.
- Throws:
EBaseException
- on error.
-
getRevokedCertificates
java.util.Enumeration<ICertRecord> getRevokedCertificates(java.util.Date asOfDate) throws EBaseException
Retrieves all the revoked certificates that have not expired.- Parameters:
asOfDate
- as of date- Returns:
- a list of revoked certificates
- Throws:
EBaseException
- failed to retrieve
-
getAllRevokedCertificates
java.util.Enumeration<ICertRecord> getAllRevokedCertificates() throws EBaseException
Retrieves all revoked certificates including ones that have expired or that are not yet valid.- Returns:
- a list of revoked certificates
- Throws:
EBaseException
- failed to search
-
getAllRevokedNonExpiredCertificates
java.util.Enumeration<ICertRecord> getAllRevokedNonExpiredCertificates() throws EBaseException
Retrieves all revoked but not expired certificates.- Returns:
- a list of revoked certificates
- Throws:
EBaseException
- failed to search
-
findCertificates
java.util.Enumeration<X509CertImpl> findCertificates(java.lang.String filter) throws EBaseException
Finds all certificates given a filter.- Parameters:
filter
- search filter- Returns:
- a list of certificates
- Throws:
EBaseException
- failed to search
-
findCertRecords
java.util.Enumeration<ICertRecord> findCertRecords(java.lang.String filter) throws EBaseException
Finds all certificate records given a filter.- Parameters:
filter
- search filter- Returns:
- a list of certificates
- Throws:
EBaseException
- failed to search
-
getRevokedCertsByNotAfterDate
ICertRecordList getRevokedCertsByNotAfterDate(java.util.Date date, int pageSize) throws EBaseException
Gets Revoked certs orderes by noAfter date, jumps to records where notAfter date is greater than current.- Parameters:
date
- reference datepageSize
- page size- Returns:
- a list of certificate records
- Throws:
EBaseException
- failed to retrieve
-
getInvalidCertsByNotBeforeDate
ICertRecordList getInvalidCertsByNotBeforeDate(java.util.Date date, int pageSize) throws EBaseException
Gets Invalid certs orderes by noAfter date, jumps to records where notAfter date is greater than current.- Parameters:
date
- reference datepageSize
- page size- Returns:
- a list of certificate records
- Throws:
EBaseException
- failed to retrieve
-
getValidCertsByNotAfterDate
ICertRecordList getValidCertsByNotAfterDate(java.util.Date date, int pageSize) throws EBaseException
Gets valid certs orderes by noAfter date, jumps to records where notAfter date is greater than current.- Parameters:
date
- reference datepageSize
- page size- Returns:
- a list of certificate records
- Throws:
EBaseException
- failed to retrieve
-
createCertRecord
ICertRecord createCertRecord(java.math.BigInteger id, java.security.cert.Certificate cert, MetaInfo meta)
Creates certificate record.- Parameters:
id
- serial numbercert
- certificatemeta
- meta information- Returns:
- certificate record
-
findCertRecs
java.util.Enumeration<java.lang.Object> findCertRecs(java.lang.String filter) throws EBaseException
Finds certificate records.- Parameters:
filter
- search filter- Returns:
- a list of certificate records
- Throws:
EBaseException
- failed to retrieve cert records
-
getRenewableCertificates
java.util.Hashtable<java.lang.String,RenewableCertificateCollection> getRenewableCertificates(java.lang.String renewalTime) throws EBaseException
Retrieves renewable certificates.- Parameters:
renewalTime
- renewal time- Returns:
- certificates
- Throws:
EBaseException
- failed to retrieve
-
unmarkRevoked
void unmarkRevoked(java.math.BigInteger id, IRevocationInfo info, java.util.Date revokedOn, java.lang.String revokedBy) throws EBaseException
Unmark a revoked certificates.- Parameters:
id
- serial numberinfo
- revocation informationrevokedOn
- revocation daterevokedBy
- userid- Throws:
EBaseException
- failed to unmark
-
getValidNotPublishedCertificates
java.util.Enumeration<ICertRecord> getValidNotPublishedCertificates(java.lang.String from, java.lang.String to) throws EBaseException
Retrieves valid and not published certificates.- Parameters:
from
- starting serial numberto
- ending serial number- Returns:
- a list of certificates
- Throws:
EBaseException
- failed to retrieve
-
getExpiredPublishedCertificates
java.util.Enumeration<ICertRecord> getExpiredPublishedCertificates(java.lang.String from, java.lang.String to) throws EBaseException
Retrieves expired and published certificates.- Parameters:
from
- starting serial numberto
- ending serial number- Returns:
- a list of certificates
- Throws:
EBaseException
- failed to retrieve
-
getRevokedPublishedCertificates
java.util.Enumeration<ICertRecord> getRevokedPublishedCertificates(java.lang.String from, java.lang.String to) throws EBaseException
Retrieves revoked and published certificates.- Parameters:
from
- starting serial numberto
- ending serial number- Returns:
- a list of certificates
- Throws:
EBaseException
- failed to retrieve
-
getValidCertificates
java.util.Enumeration<ICertRecord> getValidCertificates(java.lang.String from, java.lang.String to) throws EBaseException
Retrieves valid certificates.- Parameters:
from
- starting serial numberto
- ending serial number- Returns:
- a list of certificates
- Throws:
EBaseException
- failed to retrieve
-
getExpiredCertificates
java.util.Enumeration<ICertRecord> getExpiredCertificates(java.lang.String from, java.lang.String to) throws EBaseException
Retrieves expired certificates.- Parameters:
from
- starting serial numberto
- ending serial number- Returns:
- a list of certificates
- Throws:
EBaseException
- failed to retrieve
-
getRevokedCertificates
java.util.Enumeration<ICertRecord> getRevokedCertificates(java.lang.String from, java.lang.String to) throws EBaseException
Retrieves revoked certificates.- Parameters:
from
- starting serial numberto
- ending serial number- Returns:
- a list of certificates
- Throws:
EBaseException
- failed to retrieve
-
getModifications
void getModifications(netscape.ldap.LDAPEntry entry)
Retrieves modified certificate records.- Parameters:
entry
- LDAPEntry with modified data
-
removeCertRecords
void removeCertRecords(java.math.BigInteger beginS, java.math.BigInteger endS) throws EBaseException
Removes certificate records with this repository.- Parameters:
beginS
- BigInteger with radix 16endS
- BigInteger with radix 16- Throws:
EBaseException
-
getEnableRandomSerialNumbers
boolean getEnableRandomSerialNumbers()
Retrieves serial number management mode.- Returns:
- serial number management mode, "true" indicates random serial number management, "false" indicates sequential serial number management.
-
setEnableRandomSerialNumbers
void setEnableRandomSerialNumbers(boolean random, boolean updateMode, boolean forceModeChange)
Sets serial number management mode for certificates..- Parameters:
random
- "true" sets random serial number management, "false" sequentialupdateMode
- "true" updates "description" attribute in certificate repositoryforceModeChange
- "true" forces certificate repository mode change
-
shutdown
void shutdown()
-
-