- java.lang.Object
-
- org.shredzone.acme4j.AcmeResource
-
- org.shredzone.acme4j.AcmeJsonResource
-
- org.shredzone.acme4j.Order
-
- All Implemented Interfaces:
Serializable
public class Order extends AcmeJsonResource
A representation of a certificate order at the CA.- See Also:
- Serialized Form
-
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
cancelAutoRenewal()
Cancels an auto-renewing order.void
execute(byte[] csr)
Finalizes the order (seeexecute(KeyPair)
).void
execute(KeyPair domainKeyPair)
Finalizes the order.void
execute(KeyPair domainKeyPair, Consumer<CSRBuilder> builderConsumer)
Finalizes the order (seeexecute(KeyPair)
).void
execute(org.bouncycastle.pkcs.PKCS10CertificationRequest csr)
Finalizes the order (seeexecute(KeyPair)
).List<Authorization>
getAuthorizations()
Gets theAuthorization
that are required to fulfil this order, in no specific order.Certificate
getAutoRenewalCertificate()
Gets the STAR extension'sCertificate
if it is available.Instant
getAutoRenewalEndDate()
Returns the latest date of validity of the last certificate issued.Duration
getAutoRenewalLifetime()
Returns the maximum lifetime of each certificate.Optional<Duration>
getAutoRenewalLifetimeAdjust()
Returns the pre-date period of each certificate.Optional<Instant>
getAutoRenewalStartDate()
Returns the earliest date of validity of the first certificate issued.Certificate
getCertificate()
Gets theCertificate
.Optional<Problem>
getError()
Returns aProblem
document with the reason if the order has failed.Optional<Instant>
getExpires()
Gets the expiry date of the authorization, if set by the server.URL
getFinalizeLocation()
Gets the locationURL
of where to send the finalization call to.List<Identifier>
getIdentifiers()
Gets a list ofIdentifier
that are connected to this order.Optional<Instant>
getNotAfter()
Gets the "not after" date that was used for the order.Optional<Instant>
getNotBefore()
Gets the "not before" date that was used for the order.Status
getStatus()
Returns the current status of the order.protected void
invalidate()
Invalidates the state of this resource.boolean
isAutoRenewalGetEnabled()
Returnstrue
if STAR certificates from this order can also be fetched via GET requests.boolean
isAutoRenewing()
Checks if this order is auto-renewing, according to the ACME STAR specifications.-
Methods inherited from class org.shredzone.acme4j.AcmeJsonResource
fetch, getJSON, getRetryAfter, isValid, setJSON, setRetryAfter, update
-
Methods inherited from class org.shredzone.acme4j.AcmeResource
finalize, getLocation, getLogin, getSession, rebind
-
-
-
-
Method Detail
-
getStatus
public Status getStatus()
Returns the current status of the order.Possible values are:
Status.PENDING
,Status.READY
,Status.PROCESSING
,Status.VALID
,Status.INVALID
. If the server supports STAR, another possible value isStatus.CANCELED
.
-
getError
public Optional<Problem> getError()
Returns aProblem
document with the reason if the order has failed.
-
getExpires
public Optional<Instant> getExpires()
Gets the expiry date of the authorization, if set by the server.
-
getIdentifiers
public List<Identifier> getIdentifiers()
Gets a list ofIdentifier
that are connected to this order.- Since:
- 2.3
-
getNotBefore
public Optional<Instant> getNotBefore()
Gets the "not before" date that was used for the order.
-
getNotAfter
public Optional<Instant> getNotAfter()
Gets the "not after" date that was used for the order.
-
getAuthorizations
public List<Authorization> getAuthorizations()
Gets theAuthorization
that are required to fulfil this order, in no specific order.
-
getFinalizeLocation
public URL getFinalizeLocation()
Gets the locationURL
of where to send the finalization call to.For internal purposes. Use
execute(byte[])
to finalize an order.
-
getCertificate
public Certificate getCertificate()
Gets theCertificate
.- Throws:
IllegalStateException
- if the order is not ready yet. You must finalize the order first, and wait for the status to becomeStatus.VALID
.
-
getAutoRenewalCertificate
public Certificate getAutoRenewalCertificate()
Gets the STAR extension'sCertificate
if it is available.- Throws:
IllegalStateException
- if the order is not ready yet. You must finalize the order first, and wait for the status to becomeStatus.VALID
. It is also thrown if the order has beenStatus.CANCELED
.- Since:
- 2.6
-
execute
public void execute(KeyPair domainKeyPair) throws AcmeException
Finalizes the order.If the finalization was successful, the certificate is provided via
getCertificate()
.Even though the ACME protocol uses the term "finalize an order", this method is called
execute(KeyPair)
to avoid confusion with the problematicObject.finalize()
method.- Parameters:
domainKeyPair
- TheKeyPair
that is going to be certified. This is not your account's keypair!- Throws:
AcmeException
- Since:
- 3.0.0
- See Also:
execute(KeyPair, Consumer)
,execute(PKCS10CertificationRequest)
,execute(byte[])
-
execute
public void execute(KeyPair domainKeyPair, Consumer<CSRBuilder> builderConsumer) throws AcmeException
Finalizes the order (seeexecute(KeyPair)
).This method also accepts a builderConsumer that can be used to add further details to the CSR (e.g. your organization). The identifiers (IPs, domain names, etc.) are automatically added to the CSR.
- Parameters:
domainKeyPair
- TheKeyPair
that is going to be used together with the certificate. This is not your account's keypair!builderConsumer
-Consumer
that adds further details to the providedCSRBuilder
.- Throws:
AcmeException
- Since:
- 3.0.0
- See Also:
execute(KeyPair)
,execute(PKCS10CertificationRequest)
,execute(byte[])
-
execute
public void execute(org.bouncycastle.pkcs.PKCS10CertificationRequest csr) throws AcmeException
Finalizes the order (seeexecute(KeyPair)
).This method receives a
PKCS10CertificationRequest
instance of a CSR that was generated externally. Use this method to gain full control over the content of the CSR. The CSR is not checked by acme4j, but just transported to the CA. It is your responsibility that it matches to the order.- Parameters:
csr
-PKCS10CertificationRequest
to be used for this order.- Throws:
AcmeException
- Since:
- 3.0.0
- See Also:
execute(KeyPair)
,execute(KeyPair, Consumer)
,execute(byte[])
-
execute
public void execute(byte[] csr) throws AcmeException
Finalizes the order (seeexecute(KeyPair)
).This method receives a byte array containing an encoded CSR that was generated externally. Use this method to gain full control over the content of the CSR. The CSR is not checked by acme4j, but just transported to the CA. It is your responsibility that it matches to the order.
- Parameters:
csr
- Binary representation of a CSR containing the parameters for the certificate being requested, in DER format- Throws:
AcmeException
-
isAutoRenewing
public boolean isAutoRenewing()
Checks if this order is auto-renewing, according to the ACME STAR specifications.- Since:
- 2.3
-
getAutoRenewalStartDate
public Optional<Instant> getAutoRenewalStartDate()
Returns the earliest date of validity of the first certificate issued.- Throws:
AcmeNotSupportedException
- if auto-renewal is not supported- Since:
- 2.3
-
getAutoRenewalEndDate
public Instant getAutoRenewalEndDate()
Returns the latest date of validity of the last certificate issued.- Throws:
AcmeNotSupportedException
- if auto-renewal is not supported- Since:
- 2.3
-
getAutoRenewalLifetime
public Duration getAutoRenewalLifetime()
Returns the maximum lifetime of each certificate.- Throws:
AcmeNotSupportedException
- if auto-renewal is not supported- Since:
- 2.3
-
getAutoRenewalLifetimeAdjust
public Optional<Duration> getAutoRenewalLifetimeAdjust()
Returns the pre-date period of each certificate.- Throws:
AcmeNotSupportedException
- if auto-renewal is not supported- Since:
- 2.7
-
isAutoRenewalGetEnabled
public boolean isAutoRenewalGetEnabled()
Returnstrue
if STAR certificates from this order can also be fetched via GET requests.- Since:
- 2.6
-
cancelAutoRenewal
public void cancelAutoRenewal() throws AcmeException
Cancels an auto-renewing order.- Throws:
AcmeException
- Since:
- 2.3
-
invalidate
protected void invalidate()
Description copied from class:AcmeJsonResource
Invalidates the state of this resource. Enforces aAcmeJsonResource.fetch()
whenAcmeJsonResource.getJSON()
is invoked.Subclasses can override this method to purge internal caches that are based on the JSON structure. Remember to invoke
super.invalidate()
!- Overrides:
invalidate
in classAcmeJsonResource
-
-