public class CertificateRequest extends Object
Modifier and Type | Field | Description |
---|---|---|
static String |
defaultsPrefix |
System properties prefix for prefill defaults
|
Constructor | Description |
---|---|
CertificateRequest() |
Modifier and Type | Method | Description |
---|---|---|
static void |
completeData(Properties p) |
Completes fields from certificate.
|
static void |
postFillData(Properties p) |
Complete data entered before creating a certificate signing
request.
|
static void |
postFillDataLock(Properties p) |
Lock fields on which the request is dependent.
|
static void |
preFillData(Properties p) |
Set default properties to aid user in filling in the form.
|
static void |
preFillData(Properties p,
Properties parent) |
Set default properties based on an amount of guessing to aid
the user in filling in the form.
|
static void |
validateDN(String dn) |
Verifies that DN (complete or component) is valid.
|
static void |
validatePassword(char[] pw,
boolean strict) |
Verifies that password is according to policy.
|
static void |
validatePassword(String pw,
boolean strict) |
Verifies that password is according to policy.
|
public static final String defaultsPrefix
public static void preFillData(Properties p, Properties parent)
First properties are copied from its parent, if any. If the parent has no such property, it looks at system properties jgridstart.defaults.* and sets defaults from these. If a property already exists, it is not overwritten.
The parent is meant for renewing certificates, where most properties need to be copied from the parent certificate, but not all.
Cryptography-related properties are taken from system defaults, so that stronger cryptography defaults can be used with renewals.
p
- Properties to setparent
- Parent Properties to copy frompublic static void preFillData(Properties p)
This is equal to preFillData(Properties, null)
.
p
- Properties to setpreFillData(Properties, Properties)
public static void postFillData(Properties p)
This should be called before CertificateStore.generateRequest() or CertificatePair.generateRequest() is called.
Currently assumes that the org
property is a comma-separated
list of organisation, organisation-units (if any OUs).
p
- Properties to updatepublic static void postFillDataLock(Properties p)
When the CSR is generated, some fields should not be changed
anymore since these have become part of the request. This
method should set all foo.locked
variables so that
the fields cannot be edited in TemplateDocuments.
public static void completeData(Properties p)
When an external certificate is imported, its DN has to be parsed to get names, level, etc. This is kinda reverse of {#postFillData}.
public static void validatePassword(String pw, boolean strict) throws InvalidKeyException
Throws an InvalidKeyException if the policy is violated. Requirements are configured through the system properties; please see global.properties. Properties used:
true
strict
- whether to check for strict requirements (strict mode),
or suggestions only (non-strict mode)InvalidKeyException
public static void validatePassword(char[] pw, boolean strict) throws InvalidKeyException
Accepts char
array as parameter for future compatibility.
InvalidKeyException
validatePassword(String, boolean)
public static void validateDN(String dn) throws Exception
The CP/CPS specified that PRINTABLESTRING should be used, and that quotes should not be used. What characters are allowed explicitly is determined by the property jgridstart.dnpolicy which is a regular expression.
Exception
Copyright © 2010-2018 Nikhef / Stichting FOM. All Rights Reserved.