- java.lang.Object
-
- org.shredzone.acme4j.smime.csr.SMIMECSRBuilder
-
public class SMIMECSRBuilder extends Object
Generator for an S/MIME CSR (Certificate Signing Request) suitable for ACME servers.Requires
Bouncy Castle
. TheBouncyCastleProvider
must also be added as security provider.A
javax.mail
implementation must be present in the classpath.- Since:
- 2.12
-
-
Constructor Summary
Constructors Constructor Description SMIMECSRBuilder()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
addEmail(jakarta.mail.internet.InternetAddress email)
Adds anInternetAddress
.void
addEmails(jakarta.mail.internet.InternetAddress... emails)
Adds multipleInternetAddress
.void
addEmails(Collection<jakarta.mail.internet.InternetAddress> emails)
Adds multipleInternetAddress
.void
addIdentifier(Identifier id)
Adds an emailIdentifier
.void
addIdentifiers(Collection<Identifier> ids)
Adds aCollection
of emailIdentifier
.void
addIdentifiers(Identifier... ids)
Adds multiple emailIdentifier
.void
addValue(String attName, String value)
Sets an entry of the subject used for the CSR.void
addValue(org.bouncycastle.asn1.ASN1ObjectIdentifier oid, String value)
Sets an entry of the subject used for the CSRorg.bouncycastle.pkcs.PKCS10CertificationRequest
getCSR()
Gets the PKCS#10 certification request.byte[]
getEncoded()
Gets an encoded PKCS#10 certification request.void
setCountry(String c)
Sets the country.void
setKeyUsageType(KeyUsageType keyUsageType)
Sets the key usage type for S/MIME certificates.void
setLocality(String l)
Sets the city or locality.void
setOrganization(String o)
Sets the organization.void
setOrganizationalUnit(String ou)
Sets the organizational unit.void
setState(String st)
Sets the state or province.void
sign(KeyPair keypair)
Signs the completed S/MIME CSR.String
toString()
void
write(OutputStream out)
Writes the signed certificate request to anOutputStream
.void
write(Writer w)
Writes the signed certificate request to aWriter
.
-
-
-
Constructor Detail
-
SMIMECSRBuilder
public SMIMECSRBuilder()
-
-
Method Detail
-
addEmail
public void addEmail(jakarta.mail.internet.InternetAddress email)
Adds anInternetAddress
. The first address is also used as CN.- Parameters:
email
-InternetAddress
to add
-
addEmails
public void addEmails(Collection<jakarta.mail.internet.InternetAddress> emails)
Adds multipleInternetAddress
.- Parameters:
emails
- Collection ofInternetAddress
to add
-
addEmails
public void addEmails(jakarta.mail.internet.InternetAddress... emails)
Adds multipleInternetAddress
.- Parameters:
emails
-InternetAddress
to add
-
addIdentifier
public void addIdentifier(Identifier id)
Adds an emailIdentifier
.- Parameters:
id
-Identifier
to add
-
addIdentifiers
public void addIdentifiers(Collection<Identifier> ids)
Adds aCollection
of emailIdentifier
.- Parameters:
ids
- Collection of Identifier to add
-
addIdentifiers
public void addIdentifiers(Identifier... ids)
Adds multiple emailIdentifier
.- Parameters:
ids
- Identifier to add
-
addValue
public void addValue(String attName, String value) throws jakarta.mail.internet.AddressException
Sets an entry of the subject used for the CSR.This method is meant as "expert mode" for setting attributes that are not covered by the other methods. It is at the discretion of the ACME server to accept this parameter.
- Parameters:
attName
- The BCStyle attribute namevalue
- The value- Throws:
jakarta.mail.internet.AddressException
- if a common name is added, but the value is not a valid email address.- Since:
- 2.14
-
addValue
public void addValue(org.bouncycastle.asn1.ASN1ObjectIdentifier oid, String value) throws jakarta.mail.internet.AddressException
Sets an entry of the subject used for the CSRThis method is meant as "expert mode" for setting attributes that are not covered by the other methods. It is at the discretion of the ACME server to accept this parameter.
- Parameters:
oid
- The OID of the attribute to be addedvalue
- The value- Throws:
jakarta.mail.internet.AddressException
- if a common name is added, but the value is not a valid email address.- Since:
- 2.14
-
setOrganization
public void setOrganization(String o)
Sets the organization.Note that it is at the discretion of the ACME server to accept this parameter.
-
setOrganizationalUnit
public void setOrganizationalUnit(String ou)
Sets the organizational unit.Note that it is at the discretion of the ACME server to accept this parameter.
-
setLocality
public void setLocality(String l)
Sets the city or locality.Note that it is at the discretion of the ACME server to accept this parameter.
-
setState
public void setState(String st)
Sets the state or province.Note that it is at the discretion of the ACME server to accept this parameter.
-
setCountry
public void setCountry(String c)
Sets the country.Note that it is at the discretion of the ACME server to accept this parameter.
-
setKeyUsageType
public void setKeyUsageType(KeyUsageType keyUsageType)
Sets the key usage type for S/MIME certificates.By default, the S/MIME certificate will be suitable for both signing and encryption.
-
sign
public void sign(KeyPair keypair) throws IOException
Signs the completed S/MIME CSR.- Parameters:
keypair
-KeyPair
to sign the CSR with- Throws:
IOException
-
getCSR
public org.bouncycastle.pkcs.PKCS10CertificationRequest getCSR()
Gets the PKCS#10 certification request.
-
getEncoded
public byte[] getEncoded() throws IOException
Gets an encoded PKCS#10 certification request.- Throws:
IOException
-
write
public void write(Writer w) throws IOException
Writes the signed certificate request to aWriter
.- Parameters:
w
-Writer
to write the PEM file to. TheWriter
is closed after use.- Throws:
IOException
-
write
public void write(OutputStream out) throws IOException
Writes the signed certificate request to anOutputStream
.- Parameters:
out
-OutputStream
to write the PEM file to. TheOutputStream
is closed after use.- Throws:
IOException
-
-