- All Implemented Interfaces:
Serializable,PollableResource
- See Also:
-
Field Summary
Fields inherited from interface org.shredzone.acme4j.PollableResource
DEFAULT_RETRY_AFTER -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoidCancels an auto-renewing order.voidexecute(byte[] csr) Finalizes the order (seeexecute(KeyPair)).voidFinalizes the order.voidexecute(KeyPair domainKeyPair, Consumer<CSRBuilder> builderConsumer) Finalizes the order (seeexecute(KeyPair)).voidexecute(org.bouncycastle.pkcs.PKCS10CertificationRequest csr) Finalizes the order (seeexecute(KeyPair)).Gets theAuthorizationthat are required to fulfil this order, in no specific order.Returns the latest date of validity of the last certificate issued.Returns the maximum lifetime of each certificate.Returns the pre-date period of each certificate.Returns the earliest date of validity of the first certificate issued.Gets theCertificate.getError()Returns aProblemdocument with the reason if the order has failed.Gets the expiry date of the authorization, if set by the server.Gets the locationURLof where to send the finalization call to.Gets a list ofIdentifierthat are connected to this order.Gets the "not after" date that was used for the order.Gets the "not before" date that was used for the order.Returns the selected profile.Returns the current status of the order.protected voidInvalidates the state of this resource.booleanReturns whether this is a STAR certificate (true) or a standard certificate (false).booleanReturnstrueif STAR certificates from this order can also be fetched via GET requests.booleanChecks if this order is auto-renewing, according to the ACME STAR specifications.waitForCompletion(Duration timeout) Waits until the order finalization is completed.waitUntilReady(Duration timeout) Waits until the order is ready for finalization.Methods inherited from class org.shredzone.acme4j.AcmeJsonResource
fetch, getJSON, getRetryAfter, isValid, setJSON, setRetryAfterMethods inherited from class org.shredzone.acme4j.AcmeResource
finalize, getLocation, getLogin, getSession, rebindMethods inherited from class java.lang.Object
clone, equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface org.shredzone.acme4j.PollableResource
fetch, waitForStatus
-
Constructor Details
-
Order
-
-
Method Details
-
getStatus
Returns the current status of the order.Possible values are:
Status.PENDING,Status.READY,Status.PROCESSING,Status.VALID,Status.INVALID. If the server supports STAR, another possible value isStatus.CANCELED.- Specified by:
getStatusin interfacePollableResource
-
getError
Returns aProblemdocument with the reason if the order has failed. -
getExpires
Gets the expiry date of the authorization, if set by the server. -
getIdentifiers
Gets a list ofIdentifierthat are connected to this order.- Since:
- 2.3
-
getNotBefore
Gets the "not before" date that was used for the order. -
getNotAfter
Gets the "not after" date that was used for the order. -
getAuthorizations
Gets theAuthorizationthat are required to fulfil this order, in no specific order. -
getFinalizeLocation
Gets the locationURLof where to send the finalization call to.For internal purposes. Use
execute(byte[])to finalize an order. -
getCertificate
Gets theCertificate.- Throws:
IllegalStateException- if the order is not ready yet. You must finalize the order first, and wait for the status to becomeStatus.VALID.
-
isAutoRenewalCertificate
Returns whether this is a STAR certificate (true) or a standard certificate (false).- Since:
- 3.5.0
-
execute
Finalizes the order.If the finalization was successful, the certificate is provided via
getCertificate().Even though the ACME protocol uses the term "finalize an order", this method is called
execute(KeyPair)to avoid confusion with the problematicObject.finalize()method.- Parameters:
domainKeyPair- TheKeyPairthat is going to be certified. This is not your account's keypair!- Throws:
AcmeException- Since:
- 3.0.0
- See Also:
-
execute
public void execute(KeyPair domainKeyPair, Consumer<CSRBuilder> builderConsumer) throws AcmeException Finalizes the order (seeexecute(KeyPair)).This method also accepts a builderConsumer that can be used to add further details to the CSR (e.g. your organization). The identifiers (IPs, domain names, etc.) are automatically added to the CSR.
- Parameters:
domainKeyPair- TheKeyPairthat is going to be used together with the certificate. This is not your account's keypair!builderConsumer-Consumerthat adds further details to the providedCSRBuilder.- Throws:
AcmeException- Since:
- 3.0.0
- See Also:
-
execute
Finalizes the order (seeexecute(KeyPair)).This method receives a
PKCS10CertificationRequestinstance of a CSR that was generated externally. Use this method to gain full control over the content of the CSR. The CSR is not checked by acme4j, but just transported to the CA. It is your responsibility that it matches to the order.- Parameters:
csr-PKCS10CertificationRequestto be used for this order.- Throws:
AcmeException- Since:
- 3.0.0
- See Also:
-
execute
Finalizes the order (seeexecute(KeyPair)).This method receives a byte array containing an encoded CSR that was generated externally. Use this method to gain full control over the content of the CSR. The CSR is not checked by acme4j, but just transported to the CA. It is your responsibility that it matches to the order.
- Parameters:
csr- Binary representation of a CSR containing the parameters for the certificate being requested, in DER format- Throws:
AcmeException- See Also:
-
waitUntilReady
Waits until the order is ready for finalization.Is is ready if it reaches
Status.READY. The method will also return if the order already has another terminal state, which is eitherStatus.VALIDorStatus.INVALID.This method is synchronous and blocks the current thread.
- Parameters:
timeout- Timeout until a terminal status must have been reached- Returns:
- Status that was reached
- Throws:
AcmeExceptionInterruptedException- Since:
- 3.4.0
-
waitForCompletion
Waits until the order finalization is completed.Is is completed if it reaches either
Status.VALIDorStatus.INVALID.This method is synchronous and blocks the current thread.
- Parameters:
timeout- Timeout until a terminal status must have been reached- Returns:
- Status that was reached
- Throws:
AcmeExceptionInterruptedException- Since:
- 3.4.0
-
isAutoRenewing
Checks if this order is auto-renewing, according to the ACME STAR specifications.- Since:
- 2.3
-
getAutoRenewalStartDate
Returns the earliest date of validity of the first certificate issued.- Throws:
AcmeNotSupportedException- if auto-renewal is not supported- Since:
- 2.3
-
getAutoRenewalEndDate
Returns the latest date of validity of the last certificate issued.- Throws:
AcmeNotSupportedException- if auto-renewal is not supported- Since:
- 2.3
-
getAutoRenewalLifetime
Returns the maximum lifetime of each certificate.- Throws:
AcmeNotSupportedException- if auto-renewal is not supported- Since:
- 2.3
-
getAutoRenewalLifetimeAdjust
Returns the pre-date period of each certificate.- Throws:
AcmeNotSupportedException- if auto-renewal is not supported- Since:
- 2.7
-
isAutoRenewalGetEnabled
Returnstrueif STAR certificates from this order can also be fetched via GET requests.- Since:
- 2.6
-
cancelAutoRenewal
Cancels an auto-renewing order.- Throws:
AcmeException- Since:
- 2.3
-
getProfile
Returns the selected profile.- Throws:
AcmeNotSupportedException- if profile is not supported- Since:
- 3.5.0
-
invalidate
Description copied from class:AcmeJsonResourceInvalidates the state of this resource. Enforces aAcmeJsonResource.fetch()whenAcmeJsonResource.getJSON()is invoked.Subclasses can override this method to purge internal caches that are based on the JSON structure. Remember to invoke
super.invalidate()!- Overrides:
invalidatein classAcmeJsonResource
-