Module org.shredzone.acme4j

Package org.shredzone.acme4j.challenge

Class TlsAlpn01Challenge

java.lang.Object

org.shredzone.acme4j.AcmeResource

org.shredzone.acme4j.AcmeJsonResource

org.shredzone.acme4j.challenge.Challenge

org.shredzone.acme4j.challenge.TokenChallenge

org.shredzone.acme4j.challenge.TlsAlpn01Challenge

All Implemented Interfaces:

Serializable, PollableResource

public class TlsAlpn01Challenge
extends TokenChallenge

Implements the "tls-alpn-01" challenge. It requires a specific certificate that can be retrieved from the domain via HTTPS request. See the acme4j documentation for a detailed explanation.

Since:

2.1

See Also:

• Serialized Form

Field Summary

Fields

Modifier and Type	Field	Description
static final String	ACME_TLS_1_PROTOCOL	acme-tls/1 protocol.
static final String	ACME_VALIDATION_OID	OID of the acmeValidation extension.
static final String	TYPE	Challenge type name: "tls-alpn-01"

Fields inherited from class org.shredzone.acme4j.challenge.TokenChallenge

KEY_TOKEN

Fields inherited from class org.shredzone.acme4j.challenge.Challenge

KEY_ERROR, KEY_STATUS, KEY_TYPE, KEY_URL, KEY_VALIDATED

Fields inherited from interface org.shredzone.acme4j.PollableResource

DEFAULT_RETRY_AFTER

Constructor Summary

Constructors

Constructor	Description
TlsAlpn01Challenge(Login login, JSON data)	Creates a new generic TlsAlpn01Challenge object.

Method Summary

Modifier and Type	Method	Description
protected boolean	acceptable(String type)	Checks if the type is acceptable to this challenge.
X509Certificate	createCertificate(KeyPair keypair, Identifier id)	Creates a self-signed X509Certificate for this challenge.
byte[]	getAcmeValidation()	Returns the value that is to be used as acmeValidation extension in the test certificate.

Methods inherited from class org.shredzone.acme4j.challenge.TokenChallenge

getAuthorization, getToken, keyAuthorizationFor

Methods inherited from class org.shredzone.acme4j.challenge.Challenge

getError, getStatus, getType, getValidated, prepareResponse, setJSON, trigger, waitForCompletion

Methods inherited from class org.shredzone.acme4j.AcmeJsonResource

fetch, getJSON, getRetryAfter, invalidate, isValid, setRetryAfter, update

Methods inherited from class org.shredzone.acme4j.AcmeResource

finalize, getLocation, getLogin, getSession, rebind

Methods inherited from class java.lang.Object

clone, equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.shredzone.acme4j.PollableResource

fetch, waitForStatus

Field Details

TYPE

public static final String TYPE

Challenge type name: "tls-alpn-01"

See Also:

• Constant Field Values

ACME_VALIDATION_OID

public static final String ACME_VALIDATION_OID

OID of the acmeValidation extension.

See Also:

• Constant Field Values

ACME_TLS_1_PROTOCOL

public static final String ACME_TLS_1_PROTOCOL

acme-tls/1 protocol.

See Also:

• Constant Field Values

Constructor Details

TlsAlpn01Challenge

public TlsAlpn01Challenge(Login login,
 JSON data)

Creates a new generic TlsAlpn01Challenge object.

Parameters:

login - Login the resource is bound with

data - JSON challenge data

Method Details

getAcmeValidation

public byte[] getAcmeValidation()

Returns the value that is to be used as acmeValidation extension in the test certificate.

createCertificate

public X509Certificate createCertificate(KeyPair keypair,
 Identifier id)

Creates a self-signed X509Certificate for this challenge. The certificate is valid for 7 days.

Parameters:

keypair - A domain KeyPair to be used for the challenge

id - The Identifier that is to be validated

Returns:

Created certificate

Since:

3.0.0

acceptable

protected boolean acceptable(String type)

Description copied from class: Challenge

Checks if the type is acceptable to this challenge. This generic class only checks if the type is not blank. Subclasses should instead check if the given type matches expected challenge type.

Overrides:

acceptable in class Challenge

Parameters:

type - Type to check

Returns:

true if acceptable, false if not