Module org.shredzone.acme4j.smime
Package org.shredzone.acme4j.smime.csr

Class SMIMECSRBuilder

java.lang.Object
org.shredzone.acme4j.smime.csr.SMIMECSRBuilder
public class SMIMECSRBuilder extends Object
Generator for an S/MIME CSR (Certificate Signing Request) suitable for ACME servers.

Requires Bouncy Castle. The BouncyCastleProvider must also be added as security provider.

A javax.mail implementation must be present in the classpath.

Since:
2.12

  • Constructor Details

  • Method Details

    • addEmail

      public void addEmail(jakarta.mail.internet.InternetAddress email)
      Adds an InternetAddress. The first address is also used as CN.
      Parameters:
      email - InternetAddress to add

    • addEmails

      public void addEmails(Collection<jakarta.mail.internet.InternetAddress> emails)
      Adds multiple InternetAddress.
      Parameters:
      emails - Collection of InternetAddress to add

    • addEmails

      public void addEmails(jakarta.mail.internet.InternetAddress... emails)
      Adds multiple InternetAddress.
      Parameters:
      emails - InternetAddress to add

    • addIdentifier

      public void addIdentifier(Identifier id)
      Adds an email Identifier.
      Parameters:
      id - Identifier to add

    • addIdentifiers

      public void addIdentifiers(Collection<Identifier> ids)
      Adds a Collection of email Identifier.
      Parameters:
      ids - Collection of Identifier to add

    • addIdentifiers

      public void addIdentifiers(Identifier... ids)
      Adds multiple email Identifier.
      Parameters:
      ids - Identifier to add

    • addValue

      public void addValue(String attName, String value) throws jakarta.mail.internet.AddressException
      Sets an entry of the subject used for the CSR.

      This method is meant as "expert mode" for setting attributes that are not covered by the other methods. It is at the discretion of the ACME server to accept this parameter.

      Parameters:
      attName - The BCStyle attribute name
      value - The value
      Throws:
      jakarta.mail.internet.AddressException - if a common name is added, but the value is not a valid email address.
      Since:
      2.14

    • addValue

      public void addValue(org.bouncycastle.asn1.ASN1ObjectIdentifier oid, String value) throws jakarta.mail.internet.AddressException
      Sets an entry of the subject used for the CSR

      This method is meant as "expert mode" for setting attributes that are not covered by the other methods. It is at the discretion of the ACME server to accept this parameter.

      Parameters:
      oid - The OID of the attribute to be added
      value - The value
      Throws:
      jakarta.mail.internet.AddressException - if a common name is added, but the value is not a valid email address.
      Since:
      2.14

    • setOrganization

      public void setOrganization(String o)
      Sets the organization.

      Note that it is at the discretion of the ACME server to accept this parameter.

    • setOrganizationalUnit

      public void setOrganizationalUnit(String ou)
      Sets the organizational unit.

      Note that it is at the discretion of the ACME server to accept this parameter.

    • setLocality

      public void setLocality(String l)
      Sets the city or locality.

      Note that it is at the discretion of the ACME server to accept this parameter.

    • setState

      public void setState(String st)
      Sets the state or province.

      Note that it is at the discretion of the ACME server to accept this parameter.

    • setCountry

      public void setCountry(String c)
      Sets the country.

      Note that it is at the discretion of the ACME server to accept this parameter.

    • setKeyUsageType

      public void setKeyUsageType(KeyUsageType keyUsageType)
      Sets the key usage type for S/MIME certificates.

      By default, the S/MIME certificate will be suitable for both signing and encryption.

    • sign

      public void sign(KeyPair keypair) throws IOException
      Signs the completed S/MIME CSR.
      Parameters:
      keypair - KeyPair to sign the CSR with
      Throws:
      IOException

    • getCSR

      public org.bouncycastle.pkcs.PKCS10CertificationRequest getCSR()
      Gets the PKCS#10 certification request.

    • getEncoded

      public byte[] getEncoded() throws IOException
      Gets an encoded PKCS#10 certification request.
      Throws:
      IOException

    • write

      public void write(Writer w) throws IOException
      Writes the signed certificate request to a Writer.
      Parameters:
      w - Writer to write the PEM file to. The Writer is closed after use.
      Throws:
      IOException

    • write

      public void write(OutputStream out) throws IOException
      Writes the signed certificate request to an OutputStream.
      Parameters:
      out - OutputStream to write the PEM file to. The OutputStream is closed after use.
      Throws:
      IOException

    • toString

      public String toString()
      Overrides:
      toString in class Object