Modul org.shredzone.acme4j

Package org.shredzone.acme4j

Klasse Order

java.lang.Object

org.shredzone.acme4j.AcmeResource

org.shredzone.acme4j.AcmeJsonResource

org.shredzone.acme4j.Order

Alle implementierten Schnittstellen:

Serializable, PollableResource

public class Order
extends AcmeJsonResource
implements PollableResource

A representation of a certificate order at the CA.

Siehe auch:

• Serialisierte Form

Feldübersicht

Von Schnittstelle geerbte Felder org.shredzone.acme4j.PollableResource

DEFAULT_RETRY_AFTER

Konstruktorübersicht

Konstruktoren

Modifizierer	Konstruktor	Beschreibung
protected	Order(Login login, URL location)

Methodenübersicht

Modifizierer und Typ	Methode	Beschreibung
void	cancelAutoRenewal()	Cancels an auto-renewing order.
void	execute(byte[] csr)	Finalizes the order (see execute(KeyPair)).
void	execute(KeyPair domainKeyPair)	Finalizes the order.
void	execute(KeyPair domainKeyPair, Consumer<CSRBuilder> builderConsumer)	Finalizes the order (see execute(KeyPair)).
void	execute(org.bouncycastle.pkcs.PKCS10CertificationRequest csr)	Finalizes the order (see execute(KeyPair)).
List<Authorization>	getAuthorizations()	Gets the Authorization that are required to fulfil this order, in no specific order.
Certificate	getAutoRenewalCertificate()	Veraltet. Use getCertificate() for STAR certificates as well.
Instant	getAutoRenewalEndDate()	Returns the latest date of validity of the last certificate issued.
Duration	getAutoRenewalLifetime()	Returns the maximum lifetime of each certificate.
Optional<Duration>	getAutoRenewalLifetimeAdjust()	Returns the pre-date period of each certificate.
Optional<Instant>	getAutoRenewalStartDate()	Returns the earliest date of validity of the first certificate issued.
Certificate	getCertificate()	Gets the Certificate.
Optional<Problem>	getError()	Returns a Problem document with the reason if the order has failed.
Optional<Instant>	getExpires()	Gets the expiry date of the authorization, if set by the server.
URL	getFinalizeLocation()	Gets the location URL of where to send the finalization call to.
List<Identifier>	getIdentifiers()	Gets a list of Identifier that are connected to this order.
Optional<Instant>	getNotAfter()	Gets the "not after" date that was used for the order.
Optional<Instant>	getNotBefore()	Gets the "not before" date that was used for the order.
String	getProfile()	Returns the selected profile.
Status	getStatus()	Returns the current status of the order.
protected void	invalidate()	Invalidates the state of this resource.
boolean	isAutoRenewalCertificate()	Returns whether this is a STAR certificate (true) or a standard certificate (false).
boolean	isAutoRenewalGetEnabled()	Returns true if STAR certificates from this order can also be fetched via GET requests.
boolean	isAutoRenewing()	Checks if this order is auto-renewing, according to the ACME STAR specifications.
Status	waitForCompletion(Duration timeout)	Waits until the order finalization is completed.
Status	waitUntilReady(Duration timeout)	Waits until the order is ready for finalization.

Von Klasse geerbte Methoden org.shredzone.acme4j.AcmeJsonResource

fetch, getJSON, getRetryAfter, isValid, setJSON, setRetryAfter, update

Von Klasse geerbte Methoden org.shredzone.acme4j.AcmeResource

finalize, getLocation, getLogin, getSession, rebind

Von Klasse geerbte Methoden java.lang.Object

clone, equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Von Schnittstelle geerbte Methoden org.shredzone.acme4j.PollableResource

fetch, waitForStatus

Konstruktordetails

Order

protected Order(Login login,
 URL location)

Methodendetails

getStatus

public Status getStatus()

Returns the current status of the order.

Possible values are: Status.PENDING, Status.READY, Status.PROCESSING, Status.VALID, Status.INVALID. If the server supports STAR, another possible value is Status.CANCELED.

Angegeben von:

getStatus in Schnittstelle PollableResource

getError

public Optional<Problem> getError()

Returns a Problem document with the reason if the order has failed.

getExpires

public Optional<Instant> getExpires()

Gets the expiry date of the authorization, if set by the server.

getIdentifiers

public List<Identifier> getIdentifiers()

Gets a list of Identifier that are connected to this order.

Seit:

2.3

getNotBefore

public Optional<Instant> getNotBefore()

Gets the "not before" date that was used for the order.

getNotAfter

public Optional<Instant> getNotAfter()

Gets the "not after" date that was used for the order.

getAuthorizations

public List<Authorization> getAuthorizations()

Gets the Authorization that are required to fulfil this order, in no specific order.

getFinalizeLocation

public URL getFinalizeLocation()

Gets the location URL of where to send the finalization call to.

For internal purposes. Use execute(byte[]) to finalize an order.

getCertificate

public Certificate getCertificate()

Gets the Certificate.

Löst aus:

IllegalStateException - if the order is not ready yet. You must finalize the order first, and wait for the status to become Status.VALID.

getAutoRenewalCertificate

@Deprecated
public Certificate getAutoRenewalCertificate()

Veraltet.

Use getCertificate() for STAR certificates as well.

Gets the STAR extension's Certificate if it is available.

Löst aus:

IllegalStateException - if the order is not ready yet. You must finalize the order first, and wait for the status to become Status.VALID. It is also thrown if the order has been Status.CANCELED.

Seit:

2.6

isAutoRenewalCertificate

public boolean isAutoRenewalCertificate()

Returns whether this is a STAR certificate (true) or a standard certificate (false).

Seit:

3.5.0

execute

public void execute(KeyPair domainKeyPair)
             throws AcmeException

Finalizes the order.

If the finalization was successful, the certificate is provided via getCertificate().

Even though the ACME protocol uses the term "finalize an order", this method is called execute(KeyPair) to avoid confusion with the problematic Object.finalize() method.

Parameter:

domainKeyPair - The KeyPair that is going to be certified. This is not your account's keypair!

Löst aus:

AcmeException

Seit:

3.0.0

Siehe auch:

• execute(KeyPair, Consumer)
• execute(PKCS10CertificationRequest)
• execute(byte[])
• waitUntilReady(Duration)
• waitForCompletion(Duration)

execute

public void execute(KeyPair domainKeyPair,
 Consumer<CSRBuilder> builderConsumer)
             throws AcmeException

Finalizes the order (see execute(KeyPair)).

This method also accepts a builderConsumer that can be used to add further details to the CSR (e.g. your organization). The identifiers (IPs, domain names, etc.) are automatically added to the CSR.

Parameter:

domainKeyPair - The KeyPair that is going to be used together with the certificate. This is not your account's keypair!

builderConsumer - Consumer that adds further details to the provided CSRBuilder.

Löst aus:

AcmeException

Seit:

3.0.0

Siehe auch:

• execute(KeyPair)
• execute(PKCS10CertificationRequest)
• execute(byte[])
• waitUntilReady(Duration)
• waitForCompletion(Duration)

execute

public void execute(org.bouncycastle.pkcs.PKCS10CertificationRequest csr)
             throws AcmeException

Finalizes the order (see execute(KeyPair)).

This method receives a PKCS10CertificationRequest instance of a CSR that was generated externally. Use this method to gain full control over the content of the CSR. The CSR is not checked by acme4j, but just transported to the CA. It is your responsibility that it matches to the order.

Parameter:

csr - PKCS10CertificationRequest to be used for this order.

Löst aus:

AcmeException

Seit:

3.0.0

Siehe auch:

• execute(KeyPair)
• execute(KeyPair, Consumer)
• execute(byte[])
• waitUntilReady(Duration)
• waitForCompletion(Duration)

execute

public void execute(byte[] csr)
             throws AcmeException

Finalizes the order (see execute(KeyPair)).

This method receives a byte array containing an encoded CSR that was generated externally. Use this method to gain full control over the content of the CSR. The CSR is not checked by acme4j, but just transported to the CA. It is your responsibility that it matches to the order.

Parameter:

csr - Binary representation of a CSR containing the parameters for the certificate being requested, in DER format

Löst aus:

AcmeException

Siehe auch:

• waitUntilReady(Duration)
• waitForCompletion(Duration)

waitUntilReady

public Status waitUntilReady(Duration timeout)
                      throws AcmeException,
InterruptedException

Waits until the order is ready for finalization.

Is is ready if it reaches Status.READY. The method will also return if the order already has another terminal state, which is either Status.VALID or Status.INVALID.

This method is synchronous and blocks the current thread.

Parameter:

timeout - Timeout until a terminal status must have been reached

Gibt zurück:

Status that was reached

Löst aus:

AcmeException

InterruptedException

Seit:

3.4.0

waitForCompletion

public Status waitForCompletion(Duration timeout)
                         throws AcmeException,
InterruptedException

Waits until the order finalization is completed.

Is is completed if it reaches either Status.VALID or Status.INVALID.

This method is synchronous and blocks the current thread.

Parameter:

timeout - Timeout until a terminal status must have been reached

Gibt zurück:

Status that was reached

Löst aus:

AcmeException

InterruptedException

Seit:

3.4.0

isAutoRenewing

public boolean isAutoRenewing()

Checks if this order is auto-renewing, according to the ACME STAR specifications.

Seit:

2.3

getAutoRenewalStartDate

public Optional<Instant> getAutoRenewalStartDate()

Returns the earliest date of validity of the first certificate issued.

Löst aus:

AcmeNotSupportedException - if auto-renewal is not supported

Seit:

2.3

getAutoRenewalEndDate

public Instant getAutoRenewalEndDate()

Returns the latest date of validity of the last certificate issued.

Löst aus:

AcmeNotSupportedException - if auto-renewal is not supported

Seit:

2.3

getAutoRenewalLifetime

public Duration getAutoRenewalLifetime()

Returns the maximum lifetime of each certificate.

Löst aus:

AcmeNotSupportedException - if auto-renewal is not supported

Seit:

2.3

getAutoRenewalLifetimeAdjust

public Optional<Duration> getAutoRenewalLifetimeAdjust()

Returns the pre-date period of each certificate.

Löst aus:

AcmeNotSupportedException - if auto-renewal is not supported

Seit:

2.7

isAutoRenewalGetEnabled

public boolean isAutoRenewalGetEnabled()

Returns true if STAR certificates from this order can also be fetched via GET requests.

Seit:

2.6

cancelAutoRenewal

public void cancelAutoRenewal()
                       throws AcmeException

Cancels an auto-renewing order.

Löst aus:

AcmeException

Seit:

2.3

getProfile

public String getProfile()

Returns the selected profile.

Löst aus:

AcmeNotSupportedException - if profile is not supported

Seit:

3.5.0

invalidate

protected void invalidate()

Beschreibung aus Klasse kopiert: AcmeJsonResource

Invalidates the state of this resource. Enforces a AcmeJsonResource.fetch() when AcmeJsonResource.getJSON() is invoked.

Subclasses can override this method to purge internal caches that are based on the JSON structure. Remember to invoke super.invalidate()!

Setzt außer Kraft:

invalidate in Klasse AcmeJsonResource