Class Certificate
java.lang.Object
org.springframework.vault.support.Certificate
- Direct Known Subclasses:
CertificateBundle
Value object representing a certificate consisting of the certificate and the issuer
certificate. Certificate and keys can be either DER or PEM (including PEM bundle)
encoded. Certificates can be obtained as
X509Certificate
.- Since:
- 2.0
- Author:
- Mark Paluch
- See Also:
-
Method Summary
Modifier and TypeMethodDescriptionCreate a trust store asKeyStore
from thisCertificate
containing the certificate chain.createTrustStore
(boolean includeCaChain) Create a trust store asKeyStore
from thisCertificate
containing * the certificate chain.Retrieve the certificate asX509Certificate
.Retrieve the issuing CA certificate asX509Certificate
.Retrieve the issuing CA certificates as list ofX509Certificate
.boolean
static Certificate
Create aCertificate
given a private key with certificates and the serial number.static Certificate
Create aCertificate
given a private key with certificates and the serial number.static Certificate
of
(String serialNumber, String certificate, String issuingCaCertificate, List<String> caChain, Long revocationTime) Create aCertificate
given a private key with certificates and the serial number.
-
Method Details
-
of
Create aCertificate
given a private key with certificates and the serial number.- Parameters:
serialNumber
- must not be empty or null.certificate
- must not be empty or null.issuingCaCertificate
- must not be empty or null.- Returns:
- the
Certificate
-
of
public static Certificate of(String serialNumber, String certificate, String issuingCaCertificate, List<String> caChain) Create aCertificate
given a private key with certificates and the serial number.- Parameters:
serialNumber
- must not be empty or null.certificate
- must not be empty or null.issuingCaCertificate
- must not be empty or null.caChain
- empty list allowed- Returns:
- the
Certificate
. - Since:
- 3.1
-
of
public static Certificate of(String serialNumber, String certificate, String issuingCaCertificate, List<String> caChain, Long revocationTime) Create aCertificate
given a private key with certificates and the serial number.- Parameters:
serialNumber
- must not be empty or null.certificate
- must not be empty or null.issuingCaCertificate
- must not be empty or null.caChain
- empty list allowedrevocationTime
- revocation time, must not be null.- Returns:
- the
Certificate
. - Since:
- 3.1
-
getSerialNumber
- Returns:
- the serial number.
-
getCertificate
- Returns:
- encoded certificate (PEM or DER-encoded).
-
getIssuingCaCertificate
- Returns:
- encoded certificate of the issuing CA (PEM or DER-encoded).
-
getX509Certificate
Retrieve the certificate asX509Certificate
.- Returns:
- the
X509Certificate
. - Throws:
IllegalStateException
- if there is no X.509 certificate available.
-
getX509IssuerCertificate
Retrieve the issuing CA certificate asX509Certificate
.- Returns:
- the issuing CA
X509Certificate
.
-
createTrustStore
Create a trust store asKeyStore
from thisCertificate
containing the certificate chain.- Returns:
- the
KeyStore
containing the private key and certificate chain.
-
createTrustStore
Create a trust store asKeyStore
from thisCertificate
containing * the certificate chain.- Parameters:
includeCaChain
- whether to include the certificate authority chain instead of just the issuer certificate.- Returns:
- the
KeyStore
containing the certificate and certificate chain.
-
getX509IssuerCertificates
Retrieve the issuing CA certificates as list ofX509Certificate
.- Returns:
- the issuing CA
X509Certificate
. - Since:
- 2.3.3
-
getRevocationTime
-
isRevoked
public boolean isRevoked()
-