- All Implemented Interfaces:
Serializable
,PollableResource
- See Also:
-
Field Summary
Fields inherited from interface org.shredzone.acme4j.PollableResource
DEFAULT_RETRY_AFTER
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionvoid
Cancels an auto-renewing order.void
execute
(byte[] csr) Finalizes the order (seeexecute(KeyPair)
).void
Finalizes the order.void
execute
(KeyPair domainKeyPair, Consumer<CSRBuilder> builderConsumer) Finalizes the order (seeexecute(KeyPair)
).void
execute
(org.bouncycastle.pkcs.PKCS10CertificationRequest csr) Finalizes the order (seeexecute(KeyPair)
).Gets theAuthorization
that are required to fulfil this order, in no specific order.Gets the STAR extension'sCertificate
if it is available.Returns the latest date of validity of the last certificate issued.Returns the maximum lifetime of each certificate.Returns the pre-date period of each certificate.Returns the earliest date of validity of the first certificate issued.Gets theCertificate
.getError()
Returns aProblem
document with the reason if the order has failed.Gets the expiry date of the authorization, if set by the server.Gets the locationURL
of where to send the finalization call to.Gets a list ofIdentifier
that are connected to this order.Gets the "not after" date that was used for the order.Gets the "not before" date that was used for the order.Returns the current status of the order.protected void
Invalidates the state of this resource.boolean
Returnstrue
if STAR certificates from this order can also be fetched via GET requests.boolean
Checks if this order is auto-renewing, according to the ACME STAR specifications.waitForCompletion
(Duration timeout) Waits until the order finalization is completed.waitUntilReady
(Duration timeout) Waits until the order is ready for finalization.Methods inherited from class org.shredzone.acme4j.AcmeJsonResource
fetch, getJSON, getRetryAfter, isValid, setJSON, setRetryAfter, update
Methods inherited from class org.shredzone.acme4j.AcmeResource
finalize, getLocation, getLogin, getSession, rebind
Methods inherited from class java.lang.Object
clone, equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface org.shredzone.acme4j.PollableResource
fetch, waitForStatus
-
Constructor Details
-
Order
-
-
Method Details
-
getStatus
Returns the current status of the order.Possible values are:
Status.PENDING
,Status.READY
,Status.PROCESSING
,Status.VALID
,Status.INVALID
. If the server supports STAR, another possible value isStatus.CANCELED
.- Specified by:
getStatus
in interfacePollableResource
-
getError
Returns aProblem
document with the reason if the order has failed. -
getExpires
Gets the expiry date of the authorization, if set by the server. -
getIdentifiers
Gets a list ofIdentifier
that are connected to this order.- Since:
- 2.3
-
getNotBefore
Gets the "not before" date that was used for the order. -
getNotAfter
Gets the "not after" date that was used for the order. -
getAuthorizations
Gets theAuthorization
that are required to fulfil this order, in no specific order. -
getFinalizeLocation
Gets the locationURL
of where to send the finalization call to.For internal purposes. Use
execute(byte[])
to finalize an order. -
getCertificate
Gets theCertificate
.- Throws:
IllegalStateException
- if the order is not ready yet. You must finalize the order first, and wait for the status to becomeStatus.VALID
.
-
getAutoRenewalCertificate
Gets the STAR extension'sCertificate
if it is available.- Throws:
IllegalStateException
- if the order is not ready yet. You must finalize the order first, and wait for the status to becomeStatus.VALID
. It is also thrown if the order has beenStatus.CANCELED
.- Since:
- 2.6
-
execute
Finalizes the order.If the finalization was successful, the certificate is provided via
getCertificate()
.Even though the ACME protocol uses the term "finalize an order", this method is called
execute(KeyPair)
to avoid confusion with the problematicObject.finalize()
method.- Parameters:
domainKeyPair
- TheKeyPair
that is going to be certified. This is not your account's keypair!- Throws:
AcmeException
- Since:
- 3.0.0
- See Also:
-
execute
public void execute(KeyPair domainKeyPair, Consumer<CSRBuilder> builderConsumer) throws AcmeException Finalizes the order (seeexecute(KeyPair)
).This method also accepts a builderConsumer that can be used to add further details to the CSR (e.g. your organization). The identifiers (IPs, domain names, etc.) are automatically added to the CSR.
- Parameters:
domainKeyPair
- TheKeyPair
that is going to be used together with the certificate. This is not your account's keypair!builderConsumer
-Consumer
that adds further details to the providedCSRBuilder
.- Throws:
AcmeException
- Since:
- 3.0.0
- See Also:
-
execute
Finalizes the order (seeexecute(KeyPair)
).This method receives a
PKCS10CertificationRequest
instance of a CSR that was generated externally. Use this method to gain full control over the content of the CSR. The CSR is not checked by acme4j, but just transported to the CA. It is your responsibility that it matches to the order.- Parameters:
csr
-PKCS10CertificationRequest
to be used for this order.- Throws:
AcmeException
- Since:
- 3.0.0
- See Also:
-
execute
Finalizes the order (seeexecute(KeyPair)
).This method receives a byte array containing an encoded CSR that was generated externally. Use this method to gain full control over the content of the CSR. The CSR is not checked by acme4j, but just transported to the CA. It is your responsibility that it matches to the order.
- Parameters:
csr
- Binary representation of a CSR containing the parameters for the certificate being requested, in DER format- Throws:
AcmeException
- See Also:
-
waitUntilReady
Waits until the order is ready for finalization.Is is ready if it reaches
Status.READY
. The method will also return if the order already has another terminal state, which is eitherStatus.VALID
orStatus.INVALID
.This method is synchronous and blocks the current thread.
- Parameters:
timeout
- Timeout until a terminal status must have been reached- Returns:
- Status that was reached
- Throws:
AcmeException
InterruptedException
- Since:
- 3.4.0
-
waitForCompletion
Waits until the order finalization is completed.Is is completed if it reaches either
Status.VALID
orStatus.INVALID
.This method is synchronous and blocks the current thread.
- Parameters:
timeout
- Timeout until a terminal status must have been reached- Returns:
- Status that was reached
- Throws:
AcmeException
InterruptedException
- Since:
- 3.4.0
-
isAutoRenewing
Checks if this order is auto-renewing, according to the ACME STAR specifications.- Since:
- 2.3
-
getAutoRenewalStartDate
Returns the earliest date of validity of the first certificate issued.- Throws:
AcmeNotSupportedException
- if auto-renewal is not supported- Since:
- 2.3
-
getAutoRenewalEndDate
Returns the latest date of validity of the last certificate issued.- Throws:
AcmeNotSupportedException
- if auto-renewal is not supported- Since:
- 2.3
-
getAutoRenewalLifetime
Returns the maximum lifetime of each certificate.- Throws:
AcmeNotSupportedException
- if auto-renewal is not supported- Since:
- 2.3
-
getAutoRenewalLifetimeAdjust
Returns the pre-date period of each certificate.- Throws:
AcmeNotSupportedException
- if auto-renewal is not supported- Since:
- 2.7
-
isAutoRenewalGetEnabled
Returnstrue
if STAR certificates from this order can also be fetched via GET requests.- Since:
- 2.6
-
cancelAutoRenewal
Cancels an auto-renewing order.- Throws:
AcmeException
- Since:
- 2.3
-
invalidate
Description copied from class:AcmeJsonResource
Invalidates the state of this resource. Enforces aAcmeJsonResource.fetch()
whenAcmeJsonResource.getJSON()
is invoked.Subclasses can override this method to purge internal caches that are based on the JSON structure. Remember to invoke
super.invalidate()
!- Overrides:
invalidate
in classAcmeJsonResource
-