CertificateRegistryMBean

Overview | Child MBeans | Attributes | Operations

Overview

The CertificateRegistryMBean is used to configure and manage the Certificate registry. It is both a builder and a validator. It supports building from the end certificate, the end certificate's subject dn, the end certificate's issuer DN and serial number, and the end certificate's subject key identifier.Deprecation of MBeanHome and Type-Safe InterfacesThis is a type-safe interface for a WebLogic Server MBean, which you can import into your client classes and access through weblogic.management.MBeanHome. As of 9.0, the MBeanHome interface and all type-safe interfaces for WebLogic Server MBeans are deprecated. Instead, client classes that interact with WebLogic Server MBeans should use standard JMX design patterns in which clients use the javax.management.MBeanServerConnection interface to discover MBeans, attributes, and attribute types at runtime. For more information, see "Developing Manageable Applications with JMX" on http://www.oracle.com/technology/documentation/index.html.

Fully Qualified Interface Name

If you use the getMBeanInfo operation in MBeanTypeServiceMBean, supply the following value as this MBean's fully qualified interface name:
weblogic.security.providers.pk.CertificateRegistryMBean

Factory Methods

No factory methods. Instances of this MBean are created automatically.

Access Points Inherited from CertPathBuilderMBean

Because this MBean extends or implements CertPathBuilderMBean, you can also access this MBean by retrieving CertPathBuilderMBeans. The following attributes contain CertPathBuilderMBeans and its subtypes:

RealmMBean.CertPathBuilder

Access Points Inherited from CertPathProviderMBean

Because this MBean extends or implements CertPathProviderMBean, you can also access this MBean by retrieving CertPathProviderMBeans. The following attributes contain CertPathProviderMBeans and its subtypes:

RealmMBean.CertPathProviders

Child MBeans

This section describes attributes that contain child MBeans. For more information about the MBean hierarchy, refer to WebLogic Server MBean Data Model.

Realm

Realm

Returns the realm that contains this security provider. Returns null if this security provider is not contained by a realm.

Factory Methods	No explicit creator method. The child shares the lifecycle of its parent.
Privileges	Read only
Type	RealmMBean

Attributes

This section describes the following attributes:

Description
Name
ProviderClassName
SupportedExportConstraints
SupportedExportFormats

SupportedImportConstraints
SupportedImportFormats
Version

Description

The certificate registry's description.

Privileges	Read only
Type	java.lang.String
Default Value	Certificate Registry
Redeploy or Restart required	Changes take effect after you redeploy the module or restart the server.

Name

Privileges	Read only
Type	java.lang.String
Default Value	CertificateRegistry
Redeploy or Restart required	Changes take effect after you redeploy the module or restart the server.

ProviderClassName

The name of the Java class used to load the certificate registry.

Privileges	Read only
Type	java.lang.String
Default Value	weblogic.security.providers.pk.CertificateRegistryRuntimeImpl
Redeploy or Restart required	Changes take effect after you redeploy the module or restart the server.

SupportedExportConstraints

A certificate registry always exports all the certificates in the registry thus does not support export constraints.

Privileges	Read only
Type	class java.lang.String[]
Default Value
Redeploy or Restart required	Changes take effect after you redeploy the module or restart the server.

SupportedExportFormats

A certificate registry exports trusted CAs to a JKS keystore. The keystore must not already exist.

Privileges	Read only
Type	class java.lang.String[]
Default Value	JKS KeyStore
Redeploy or Restart required	Changes take effect after you redeploy the module or restart the server.

SupportedImportConstraints

A certificate registry always imports all the certificates in a keystore (identities and trusted CAs) thus does not support export constraints.

Privileges	Read only
Type	class java.lang.String[]
Default Value
Redeploy or Restart required	Changes take effect after you redeploy the module or restart the server.

SupportedImportFormats

A certificate registry imports trusted CAs from a JKS keystore.

Privileges	Read only
Type	class java.lang.String[]
Default Value	JKS KeyStore
Redeploy or Restart required	Changes take effect after you redeploy the module or restart the server.

Version

The certificate registry's version.

Privileges	Read only
Type	java.lang.String
Default Value	1.0
Redeploy or Restart required	Changes take effect after you redeploy the module or restart the server.

Operations

This section describes the following operations:

advance
aliasExists
close
copyToDER
copyToPEM
exportData
getCertificate
getCurrentName

haveCurrent
importData
listAliases
registerCertificate
unregisterCertificate
wls_getDisplayName

advance

Advances the list to the next element in the list.

Operation Name	`"advance"`
Parameters	`Object [] { cursor }` where: `cursor` is an object of type `java.lang.String` that specifies: - The cursor returned from a previous list method.
Signature	`String [] { "java.lang.String" }`
Returns	`void`

Exceptions

weblogic.management.utils.InvalidCursorException

aliasExists

Determines whether or not an alias exists in the registry. Throws InvalidParameterException if alias is empty or null.

Operation Name	`"aliasExists"`
Parameters	`Object [] { alias }` where: `alias` is an object of type `java.lang.String` that specifies: - The alias the certificate is registered under. It must not be empty or null. Aliases are case-insensitive.
Signature	`String [] { "java.lang.String" }`
Returns	`boolean`

Exceptions

weblogic.management.utils.InvalidParameterException

close

Indicates that the caller is finished using the list, and that the resources held on behalf of the list may be released. If the caller traverses through all the elements in the list, the caller need not call this method. In other words, it is used to let the caller close the list without reading each element that is returned.

Operation Name	`"close"`
Parameters	`Object [] { cursor }` where: `cursor` is an object of type `java.lang.String` that specifies: - The cursor returned from a previous list method.
Signature	`String [] { "java.lang.String" }`
Returns	`void`

Exceptions

weblogic.management.utils.InvalidCursorException

copyToDER

writes a certificate in the registry to a file in DER binary format. Throws InvalidParameterException if alias or certificateFile is empty or null or if the file cannot be written to.

Operation Name	`"copyToDER"`
Parameters	`Object [] { alias, certificateFile }` where: `alias` is an object of type `java.lang.String` that specifies: - The alias the certificate is registered under. It must not be empty or null. Aliases are case-insensitive. `certificateFile` is an object of type `java.lang.String` that specifies: - The pathname (relative to the directory the admin server is booted from) of the file to write the certificate to.
Signature	`String [] { "java.lang.String", "java.lang.String" }`
Returns	`void`

Exceptions

weblogic.management.utils.NotFoundException
weblogic.management.utils.InvalidParameterException

copyToPEM

writes a certificate in the registry to a file in PEM base64 encoded format. Throws InvalidParameterException if alias or certificateFile is empty or null or if the file cannot be written to.

Operation Name	`"copyToPEM"`
Parameters	`Object [] { alias, certificateFile }` where: `alias` is an object of type `java.lang.String` that specifies: - The alias the certificate is registered under. It must not be empty or null. Aliases are case-insensitive. `certificateFile` is an object of type `java.lang.String` that specifies: - The pathname (relative to the directory the admin server is booted from) of the file to write the certificate to.
Signature	`String [] { "java.lang.String", "java.lang.String" }`
Returns	`void`

Exceptions

weblogic.management.utils.NotFoundException
weblogic.management.utils.InvalidParameterException

exportData

Exports provider specific data in a specified format. When errors occur, the MBean throws an ErrorCollectionException containing a list of java.lang.Exceptions, where the text of each exception describes the error.

Operation Name	`"exportData"`
Parameters	`Object [] { format, filename, constraints }` where: `format` is an object of type `java.lang.String` that specifies: - The format for exporting provider specific data. `filename` is an object of type `java.lang.String` that specifies: - The full path to the filename used to write data. `constraints` is an object of type `java.util.Properties` that specifies: - The constraints to be used when exporting data. A null value indicates that all data will be exported.
Signature	`String [] { "java.lang.String", "java.lang.String", "java.util.Properties" }`
Returns	`void`

Exceptions

weblogic.management.utils.InvalidParameterException
weblogic.management.utils.ErrorCollectionException

getCertificate

Retrieves a certificate from the registry.Throws NotFoundException if alias does not exist in the registry.

Operation Name	`"getCertificate"`
Parameters	`Object [] { alias }` where: `alias` is an object of type `java.lang.String` that specifies: - The alias the certificate is registered under. It must not be empty or null. Aliases are case-insensitive.
Signature	`String [] { "java.lang.String" }`
Returns	`X509Certificate`

Exceptions

weblogic.management.utils.NotFoundException
weblogic.management.utils.InvalidParameterException

getCurrentName

The name of the current item in the list. Returns null if there is no current item.

Operation Name	`"getCurrentName"`
Parameters	`Object [] { cursor }` where: `cursor` is an object of type `java.lang.String` that specifies: - The cursor returned from a previous list method.
Signature	`String [] { "java.lang.String" }`
Returns	`String`

Exceptions

weblogic.management.utils.InvalidCursorException

haveCurrent

Returns true if there are more objects in the list, and false otherwise.

Operation Name	`"haveCurrent"`
Parameters	`Object [] { cursor }` where: `cursor` is an object of type `java.lang.String` that specifies: - The cursor returned from a previous list method.
Signature	`String [] { "java.lang.String" }`
Returns	`boolean`

Exceptions

weblogic.management.utils.InvalidCursorException

importData

Imports provider specific data from a specified format. When errors occur, the MBean throws an ErrorCollectionException containing a list of java.lang.Exceptions, where the text of each exception describes the error.

Operation Name	`"importData"`
Parameters	`Object [] { format, filename, constraints }` where: `format` is an object of type `java.lang.String` that specifies: - The format for importing provider specific data. `filename` is an object of type `java.lang.String` that specifies: - The full path to the filename used to read data. `constraints` is an object of type `java.util.Properties` that specifies: - The constraints to be used when importing data. A null value indicates that all data will be imported.
Signature	`String [] { "java.lang.String", "java.lang.String", "java.util.Properties" }`
Returns	`void`

Exceptions

weblogic.management.utils.InvalidParameterException
weblogic.management.utils.ErrorCollectionException

listAliases

Lists the registered aliases that match a wild card.Returns a String containing a cursor that may be passed into the NameListerMBean methods to read the list. The getCurrentName method returns the current alias on the list.

Operation Name	`"listAliases"`
Parameters	`Object [] { aliasWildcard, maxToReturn }` where: `aliasWildcard` is an object of type `java.lang.String` that specifies: - A wild card used to select aliases. It supports three formats: "" matches all aliases. "foo" matches all aliases starting with the string "foo". "foo" matches the alias "foo" only. The matches are case-insensitive. `maxToReturn` is an object of type `java.lang.Integer` that specifies: - The maximum number of aliases this method may return. If there are more matches than this maximum, then the returned results are arbitrary because this method does not sort the results. Set this parameter to zero to return all matching aliases.
Signature	`String [] { "java.lang.String", "java.lang.Integer" }`
Returns	`String`

Exceptions

weblogic.management.utils.InvalidCursorException
weblogic.management.utils.InvalidParameterException

registerCertificate

Registers an end certificate in the registry under an alias. Throws InvalidParameterException if the alias or certificateFile is empty or null or if the file does not exist or cannot be read.

Operation Name	`"registerCertificate"`
Parameters	`Object [] { alias, certificateFile }` where: `alias` is an object of type `java.lang.String` that specifies: - The alias to register the certificate under. It must not be empty or null. Aliases are case-insensitive. `certificateFile` is an object of type `java.lang.String` that specifies: - The pathname (relative to the directory the admin server is booted from) of a PEM or DER file containing the certificate to be registered.
Signature	`String [] { "java.lang.String", "java.lang.String" }`
Returns	`void`

Exceptions

weblogic.management.utils.AlreadyExistsException
weblogic.management.utils.InvalidParameterException

unregisterCertificate

Unregisters an end certificate from the registry. Throws InvalidParameterException if alias is empty or null.

Operation Name	`"unregisterCertificate"`
Parameters	`Object [] { alias }` where: `alias` is an object of type `java.lang.String` that specifies: - The alias the certificate is registered under. It must not be empty or null. Aliases are case-insensitive.
Signature	`String [] { "java.lang.String" }`
Returns	`void`

Exceptions

weblogic.management.utils.NotFoundException
weblogic.management.utils.InvalidParameterException

wls_getDisplayName

Operation Name	`"wls_getDisplayName"`
Parameters	`null`
Signature	`null`
Returns	`String`