com.ibm.security.certclient

Interface PkEeBuiltReqTransaction

All Superinterfaces:

PkEeReqTransaction, PkEeTransaction

All Known Subinterfaces:

PkEeCertReqTransaction

public interface PkEeBuiltReqTransaction
extends PkEeReqTransaction

Built version of the certificate request. Allows request parameters to be changed after creation of a request but before actioning the transaction

Method Summary

Modifier and Type	Method and Description
void	addKeyUsage(List<String> kUsage) Merges the provided key usages to those already existing if any.
KeyPair	getKeyPair() Fetch the keyPair that was created for this certificate request.
PrivateKey	getPrivateKey() Fetch the private key that was created for this certificate request.
PublicKey	getPublicKey() Fetch the public key that was created for this certificate request.
void	setSubjectAltNames(List<String> subjectAltNames) Adds the provided alternate names to the certificate request.
void	setSubjectKeyIdShort(boolean form) Determines if the short form of the subjectKey identifier is required as defined in RFC3280
void	setValidity(int days) Set the validity period for the key.

Methods inherited from interface com.ibm.security.certclient.PkEeReqTransaction

getCertificateChain, getPKCS10CertReq, getSignedCert

Methods inherited from interface com.ibm.security.certclient.PkEeTransaction

actionRequest

Method Detail

setValidity

void setValidity(int days)
          throws com.ibm.security.certclient.base.PkException

Set the validity period for the key. The start of the period will be set when the Request is actioned. Overrides current value if any.

Parameters:

days - period length in days.

Throws:

com.ibm.security.certclient.base.PkException - days less than 1

setSubjectKeyIdShort

void setSubjectKeyIdShort(boolean form)

Determines if the short form of the subjectKey identifier is required as defined in RFC3280

Parameters:

form - set true if the short form is required otherwise false.

setSubjectAltNames

void setSubjectAltNames(List<String> subjectAltNames)

Adds the provided alternate names to the certificate request. These will replace any existing names.

Parameters:

subjectAltNames - List of subject alternate names. Specify null to indicate that no value is being specified.

1. email email address for the subject , e.g. newUser@us.ibm.com
2. dnsName domain name server name. Name is not case sensitive. e.g host.domain
3. uri universal resource identifier ,e.g http://www.tivoli.com, ftp://www.ibm.com/
4. ipaddress ipaddress for the subject , e.g. 127.0.0.1

addKeyUsage

void addKeyUsage(List<String> kUsage)

Merges the provided key usages to those already existing if any.

Parameters:

kUsage - List of key usages - "digital_signature" "non_repudiation" "key_encipherment" "data_encipherment" "encipher_only" "decipher_only"

getPrivateKey

PrivateKey getPrivateKey()

Fetch the private key that was created for this certificate request. This will only be meaningful after the certificate request has been actioned.

Returns:

the private key or null if the key has not been generated

getPublicKey

PublicKey getPublicKey()

Fetch the public key that was created for this certificate request. This will only be meaningful after the certificate request has been actioned.

Returns:

the public key or null if the key has not been generated

getKeyPair

KeyPair getKeyPair()

Fetch the keyPair that was created for this certificate request. This will only be meaningful after the certificate request has been actioned.

Returns:

the keyPair or null if the key has not been generated