All Superinterfaces:

AutoCloseable, Closeable

All Known Implementing Classes:

CmpClientImpl
```
public interface CmpClient
extends Closeable
```
CMP client interface.

Since:

2.0.0

Author:

Lijun Liao (xipki)

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method	Description
`org.xipki.security.X509Cert`	`caCert(String caName, org.xipki.util.ReqRespDebug debug)`	Returns the CA certificate.
`List<org.xipki.security.X509Cert>`	`caCerts(String caName, org.xipki.util.ReqRespDebug debug)`	Returns the CA certificate chain.
`org.bouncycastle.cert.X509CRLHolder`	`downloadCrl(String caName, org.xipki.util.ReqRespDebug debug)`	Downloads the current CRL.
`EnrollCertResult`	`enrollCert(String caName, Requestor requestor, org.bouncycastle.asn1.pkcs.CertificationRequest csr, String profile, Instant notBefore, Instant notAfter, org.xipki.util.ReqRespDebug debug)`	Enrolls a certificate.
`EnrollCertResult`	`enrollCerts(String caName, Requestor requestor, EnrollCertRequest request, org.xipki.util.ReqRespDebug debug)`	Enrolls a set of certificates.
`List<org.xipki.security.X509Cert>`	`getDhPopPeerCertificates()`	Returns the certificates held by CA for the DH KeyAgreement.
`CertIdOrError`	`revokeCert(String caName, Requestor requestor, org.xipki.security.X509Cert issuerCert, BigInteger serial, int reason, Instant invalidityTime, org.xipki.util.ReqRespDebug debug)`	Revokes a certificate.
`CertIdOrError`	`revokeCert(String caName, Requestor requestor, org.xipki.security.X509Cert issuerCert, org.xipki.security.X509Cert cert, int reason, Instant invalidityTime, org.xipki.util.ReqRespDebug debug)`	Revokes a certificate.
`Map<String,CertIdOrError>`	`revokeCerts(String caName, Requestor requestor, RevokeCertRequest request, org.xipki.util.ReqRespDebug debug)`	Revoke a set of certificates.
`CertIdOrError`	`unsuspendCert(String caName, Requestor requestor, org.xipki.security.X509Cert issuerCert, BigInteger serial, org.xipki.util.ReqRespDebug debug)`	Unsuspends a certificate.
`CertIdOrError`	`unsuspendCert(String caName, Requestor requestor, org.xipki.security.X509Cert issuerCert, org.xipki.security.X509Cert cert, org.xipki.util.ReqRespDebug debug)`	Unsuspends certificates.
`Map<String,CertIdOrError>`	`unsuspendCerts(String caName, Requestor requestor, UnrevokeCertRequest request, org.xipki.util.ReqRespDebug debug)`	Unsuspends certificates.

Methods inherited from interface java.io.Closeable
close

Method Detail

enrollCert

EnrollCertResult enrollCert(String caName,
                            Requestor requestor,
                            org.bouncycastle.asn1.pkcs.CertificationRequest csr,
                            String profile,
                            Instant notBefore,
                            Instant notAfter,
                            org.xipki.util.ReqRespDebug debug)
                     throws CmpClientException,
                            PkiErrorException

Enrolls a certificate.

Parameters:: caName - CA name. Must not be null.; requestor - Requestor, the actor which requests the operation. Must not be null.; csr - CSR. Must not benull.; profile - Certificate profile name. Must not benull.; notBefore - NotBefore. Could be null.; notAfter - NotAfter. Could be null.; debug - Request/response debug control. Could be null.
Returns:: the enrolling result.
Throws:: PkiErrorException - if the response returns none-success status.; CmpClientException - if client error occurs.

enrollCerts

EnrollCertResult enrollCerts(String caName,
                             Requestor requestor,
                             EnrollCertRequest request,
                             org.xipki.util.ReqRespDebug debug)
                      throws CmpClientException,
                             PkiErrorException

Enrolls a set of certificates.

Parameters:: caName - CA name. Must not be null.; requestor - Requestor, the actor which requests the operation. Must not be null.; request - Request. Must not be null.; debug - Request/response debug control. Could be null.
Returns:: the enrolling result.
Throws:: PkiErrorException - if the response returns none-success status.; CmpClientException - if client error occurs.

revokeCert

CertIdOrError revokeCert(String caName,
                         Requestor requestor,
                         org.xipki.security.X509Cert issuerCert,
                         BigInteger serial,
                         int reason,
                         Instant invalidityTime,
                         org.xipki.util.ReqRespDebug debug)
                  throws CmpClientException,
                         PkiErrorException

Revokes a certificate.

Parameters:: caName - CA name. Must not be null.; requestor - Requestor, the actor which requests the operation. Must not be null.; issuerCert - Issuer's certificate. Must not be null.; serial - Serial number of the target certificate. Must not be null.; reason - Revocation reason.; invalidityTime - Invalidity time. Could be null.; debug - Request/response debug control. Could be null.
Returns:: the revocation result.
Throws:: PkiErrorException - if the response returns none-success status.; CmpClientException - if client error occurs.

revokeCert

CertIdOrError revokeCert(String caName,
                         Requestor requestor,
                         org.xipki.security.X509Cert issuerCert,
                         org.xipki.security.X509Cert cert,
                         int reason,
                         Instant invalidityTime,
                         org.xipki.util.ReqRespDebug debug)
                  throws CmpClientException,
                         PkiErrorException

Revokes a certificate.

Parameters:: caName - CA name. Must not be null.; requestor - Requestor, the actor which requests the operation. Must not be null.; issuerCert - Issuer's certificate. Must not be null.; cert - Target certificate. Must not be null.; reason - Revocation reason.; invalidityTime - Invalidity time. Could be null.; debug - Request/response debug control. Could be null.
Returns:: the revocation result.
Throws:: PkiErrorException - if the response returns none-success status.; CmpClientException - if client error occurs.

revokeCerts

Map<String,CertIdOrError> revokeCerts(String caName,
                                            Requestor requestor,
                                            RevokeCertRequest request,
                                            org.xipki.util.ReqRespDebug debug)
                                     throws CmpClientException,
                                            PkiErrorException

Revoke a set of certificates.

Parameters:: caName - CA name. Must not be null.; requestor - Requestor, the actor which requests the operation. Must not be null.; request - Request. Must not be null.; debug - Request/response debug control. Could be null.
Returns:: the revocation result.
Throws:: PkiErrorException - if the response returns none-success status.; CmpClientException - if client error occurs.

downloadCrl

org.bouncycastle.cert.X509CRLHolder downloadCrl(String caName,
                                                org.xipki.util.ReqRespDebug debug)
                                         throws CmpClientException,
                                                PkiErrorException

Downloads the current CRL.

Parameters:: caName - CA name. Must not be null.; debug - Request/response debug control. Could be null.
Returns:: the X509 CRL. Must not be null.
Throws:: PkiErrorException - if the response returns none-success status.; CmpClientException - if client error occurs.

unsuspendCert

CertIdOrError unsuspendCert(String caName,
                            Requestor requestor,
                            org.xipki.security.X509Cert issuerCert,
                            BigInteger serial,
                            org.xipki.util.ReqRespDebug debug)
                     throws CmpClientException,
                            PkiErrorException

Unsuspends a certificate.

Parameters:: caName - CA name. Must not be null.; requestor - Requestor, the actor which requests the operation. Must not be null.; issuerCert - Issuer's certificate. Must not be null.; serial - Serial number of the certificate. Must not be null.; debug - Request/response debug control. Could be null.
Returns:: result of action.
Throws:: PkiErrorException - if the response returns none-success status.; CmpClientException - if client error occurs.

unsuspendCert

CertIdOrError unsuspendCert(String caName,
                            Requestor requestor,
                            org.xipki.security.X509Cert issuerCert,
                            org.xipki.security.X509Cert cert,
                            org.xipki.util.ReqRespDebug debug)
                     throws CmpClientException,
                            PkiErrorException

Unsuspends certificates.

Parameters:: caName - CA name. Must not be null.; requestor - Requestor, the actor which requests the operation. Must not be null.; issuerCert - Issuer's certificate. Must not be null.; cert - Target certificate. Must not be null.; debug - Request/response debug control. Could be null.
Returns:: result of the unrevocation.
Throws:: PkiErrorException - if the response returns none-success status.; CmpClientException - if client error occurs.

unsuspendCerts

Map<String,CertIdOrError> unsuspendCerts(String caName,
                                               Requestor requestor,
                                               UnrevokeCertRequest request,
                                               org.xipki.util.ReqRespDebug debug)
                                        throws CmpClientException,
                                               PkiErrorException

Unsuspends certificates.

Parameters:: caName - CA name. Must not be null.; requestor - Requestor, the actor which requests the operation. Must not be null.; request - Request. Must not be null.; debug - Request/response debug control. Could be null.
Returns:: result of the unrevocation.
Throws:: PkiErrorException - if the response returns none-success status.; CmpClientException - if client error occurs.

caCert

org.xipki.security.X509Cert caCert(String caName,
                                   org.xipki.util.ReqRespDebug debug)
                            throws CmpClientException,
                                   PkiErrorException

Returns the CA certificate.

Parameters:: caName - the CA name; debug - Request/response debug control. Could be null.
Returns:: the CA certificate
Throws:: PkiErrorException - if the response returns none-success status.; CmpClientException - if client error occurs.

caCerts

List<org.xipki.security.X509Cert> caCerts(String caName,
                                          org.xipki.util.ReqRespDebug debug)
                                   throws CmpClientException,
                                          PkiErrorException

Returns the CA certificate chain.

Parameters:: caName - the CA name; debug - Request/response debug control. Could be null.
Returns:: the CA certificate
Throws:: PkiErrorException - if the response returns none-success status.; CmpClientException - if client error occurs.

getDhPopPeerCertificates
```
List<org.xipki.security.X509Cert> getDhPopPeerCertificates()
                                                    throws CmpClientException
```
Returns the certificates held by CA for the DH KeyAgreement.

Returns:

the certificates held by CA for the DH KeyAgreement,

Throws:

CmpClientException - if client error occurs.

Interface CmpClient

Method Summary

Methods inherited from interface java.io.Closeable

Method Detail

enrollCert

enrollCerts

revokeCert

revokeCert

revokeCerts

downloadCrl

unsuspendCert

unsuspendCert

unsuspendCerts

caCert

caCerts

getDhPopPeerCertificates