Interface RpcCryptoProvider

All Superinterfaces:
RpcHandler, Serializable
public interface RpcCryptoProvider extends RpcHandler
Common interface for the RPC handler for certificates.
Since:
8.5.0
Author:
XIMA Media GmbH

  • Method Details

    • getCurrentValidCertificateForUsageSubjectAsKeyStore

      @NotNull @NotNull Optional<EncryptedKeyStore> getCurrentValidCertificateForUsageSubjectAsKeyStore(CertificateSelectionByUsageSubjectQuery query, CertificateProviderUser user, Long frontendServerId) throws FcCertificateProviderException
      Retrieves the current valid certificate for the given usage subject within the specified scope in form of keystore. The keystore contains the X.509 certificate and the corresponding private key, if available.

      CertificateSelectionByUsageSubjectQuery.isPartialMatch() does not apply in this method; only exact matches are considered.

      Parameters:
      query - the query containing the usage subject, selection scope, usage type, and optional filters.
      user - the user requesting the certificate.
      frontendServerId - The ID of the frontend server for which to get the key store. If null, the master server is assumed. Used to determine the password for the keystore.
      Returns:
      an Optional containing the encrypted keystore with the certificate if it exists.
      Throws:
      FcCertificateProviderException - if an error occurs while retrieving the certificate.

    • getCurrentValidCertificateForSubjectAsKeyStore

      @NotNull @NotNull Optional<EncryptedKeyStore> getCurrentValidCertificateForSubjectAsKeyStore(CertificateSelectionBySubjectQuery query, CertificateProviderUser user, Long frontendServerId) throws FcCertificateProviderException
      Retrieves the current valid certificate for the given subject for the specified client in form of a keystore. The keystore contains a single entry X.509 certificate and the corresponding private key, if available.

      CertificateSelectionBySubjectQuery.isPartialMatch() does not apply in this method; only exact matches are considered.

      Parameters:
      query - the query containing the subject, selection scope, and optional filters.
      user - the user requesting the certificate.
      frontendServerId - The ID of the frontend server for which to get the key store. If null, the master server is assumed. Used to determine the password for the keystore.
      Returns:
      an Optional containing the encrypted keystore with the certificate if it exists.
      Throws:
      FcCertificateProviderException - if an error occurs while retrieving the certificate.

    • getKeyStoreForTls

      EncryptedKeyStore getKeyStoreForTls(TlsScope tlsScope, CertificateProviderUser user, Long frontendServerId) throws FcCertificateProviderException
      Returns an encrypted keystore for the given TLS scope. The keystore contains the X.509 TLS certificate and the corresponding private key, if available.
      Parameters:
      tlsScope - The TLS scope for which to get the key store. Cannot be null.
      user - The user requesting the key store, used for permission checks. Cannot be null.
      frontendServerId - The ID of the frontend server for which to get the key store. If null, the master server is assumed. Used to determine the password for the keystore.
      Returns:
      The encrypted keystore containing the certificates and private keys for the given TLS scope.
      Throws:
      FcCertificateProviderException - if an error occurs while creating the keystore