CertificateRegistryMBean
Overview | Related MBeans | Attributes | Operations
Overview
The CertificateRegistryMBean is used to configure and manage the Certificate registry.
It is both a builder and a validator. It supports building from the end certificate, the end certificate's subject dn, the end certificate's issuer DN and serial number, and the end certificate's subject key identifier.
Fully Qualified Interface Name If you use the getMBeanInfo operation in MBeanTypeServiceMBean, supply the following value as this MBean's fully qualified interface name:
weblogic.security.providers.pk.CertificateRegistryMBean
Factory Methods No factory methods. Instances of this MBean are created automatically.
Related MBeans
This section describes attributes that provide access to other MBeans. For more information about the MBean hierarchy, refer to WebLogic Server MBean Data Model.
Realm
Returns the realm that contains this security provider. Returns null if this security provider is not contained by a realm.
Privileges Read only Type RealmMBean Relationship type: Reference.
Attributes
This section describes the following attributes:
Description
The certificate registry's description.
Privileges Read only Type java.lang.String Default Value Certificate Registry Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.
Name of
Privileges Read only Type java.lang.String Default Value CertificateRegistry Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.
ProviderClassName
The name of the Java class used to load the certificate registry.
Privileges Read only Type java.lang.String Default Value weblogic.security.providers.pk.CertificateRegistryRuntimeImpl Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.
SupportedExportConstraints
No description provided.
Privileges Read only Type class java.lang.String[] Default Value com.bea.contextelement.security.CertificateGroup Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.
SupportedExportFormats
No description provided.
Privileges Read only Type class java.lang.String[] Default Value JKS KeyStore Group JKS KeyStore Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.
SupportedImportConstraints
No description provided.
Privileges Read only Type class java.lang.String[] Default Value com.bea.contextelement.security.CertificateGroup Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.
SupportedImportFormats
No description provided.
Privileges Read only Type class java.lang.String[] Default Value Group JKS KeyStore JKS KeyStore Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.
Version
The certificate registry's version.
Privileges Read only Type java.lang.String Default Value 1.0 Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.
Operations
This section describes the following operations:
addCertificateToTrustGroups
Add an already registered end certificate to list of trust groups.
Throws ErrorCollectionException containing any errors when register the certificate to a single trust group.
Throws InvalidParameterException if the trust groups, alias or certificateFile is empty or null or if the file does not exist or cannot be read.
Throws NotFoundException when the given alias does not exist in the registry.
Operation Name "addCertificateToTrustGroups"Parameters Object [] { trustGroups, alias }where:
trustGroups is an object of type[Ljava.lang.String; that specifies:
- The trust groups to register the certificate under. It must not be empty or null. Trust groups are case-insensitive.
alias is an object of typejava.lang.String that specifies:
- The alias to register the certificate under. It must not be empty or null. Aliases are case-insensitive.
Signature String [] { "[Ljava.lang.String;", "java.lang.String" }Returns voidExceptions
weblogic.management.utils.NotFoundException
weblogic.management.utils.ErrorCollectionException
weblogic.management.utils.InvalidParameterException
advance
Advances the list to the next element in the list.
Operation Name "advance"Parameters Object [] { cursor }where:
cursor is an object of typejava.lang.String that specifies:
- The cursor returned from a previous list method.
Signature String [] { "java.lang.String" }Returns voidExceptions
weblogic.management.utils.InvalidCursorException
aliasExists
Determines whether or not an alias exists in the registry.
Throws InvalidParameterException if alias is empty or null.
Operation Name "aliasExists"Parameters Object [] { alias }where:
alias is an object of typejava.lang.String that specifies:
- The alias the certificate is registered under. It must not be empty or null. Aliases are case-insensitive.
Signature String [] { "java.lang.String" }Returns booleanExceptions
weblogic.management.utils.InvalidParameterException
aliasExists
Determines whether or not an alias exists in a trust group.
Return true if the alias exists in the trust group otherwise return false.
Throws InvalidParameterException if the alias or trust group is empty or null.
Operation Name "aliasExists"Parameters Object [] { trustGroup, alias }where:
trustGroup is an object of typejava.lang.String that specifies:
- The trust group to the certificate is registered under. It must not be empty or null. Trustg roups are case-insensitive.
alias is an object of typejava.lang.String that specifies:
- The alias the certificate is registered under. It must not be empty or null. Aliases are case-insensitive.
Signature String [] { "java.lang.String", "java.lang.String" }Returns booleanExceptions
weblogic.management.utils.InvalidParameterException
close
Indicates that the caller is finished using the list, and that the resources held on behalf of the list may be released. If the caller traverses through all the elements in the list, the caller need not call this method. In other words, it is used to let the caller close the list without reading each element that is returned.
Operation Name "close"Parameters Object [] { cursor }where:
cursor is an object of typejava.lang.String that specifies:
- The cursor returned from a previous list method.
Signature String [] { "java.lang.String" }Returns voidExceptions
weblogic.management.utils.InvalidCursorException
copyFromJKS
Register all certificates contained in a JKS file to a trust group.
Throws InvalidParameterException if the trust group or certificateFile is empty or null or if the file cannot be written to.
Throws NotFoundException if the trust group does not exist in the registry.
Throws ErrorCollectionException if errors happen when register any certificate to the group.
Operation Name "copyFromJKS"Parameters Object [] { trustGroup, certificateFile }where:
trustGroup is an object of typejava.lang.String that specifies:
- The trust group to the certificate is registered under. It must not be empty or null. Trust Groups are case-insensitive.
certificateFile is an object of typejava.lang.String that specifies:
- The pathname (relative to the directory the admin server is booted from) of the file to write the certificate to.
Signature String [] { "java.lang.String", "java.lang.String" }Returns voidExceptions
weblogic.management.utils.NotFoundException
weblogic.management.utils.InvalidParameterException
weblogic.management.utils.ErrorCollectionException
copyToDER
writes a certificate in the registry to a file in DER binary format.
Throws InvalidParameterException if alias or certificateFile is empty or null or if the file cannot be written to.
Operation Name "copyToDER"Parameters Object [] { alias, certificateFile }where:
alias is an object of typejava.lang.String that specifies:
- The alias the certificate is registered under. It must not be empty or null. Aliases are case-insensitive.
certificateFile is an object of typejava.lang.String that specifies:
- The pathname (relative to the directory the admin server is booted from) of the file to write the certificate to.
Signature String [] { "java.lang.String", "java.lang.String" }Returns voidExceptions
weblogic.management.utils.NotFoundException
weblogic.management.utils.InvalidParameterException
copyToDER
writes a certificate in a trust group to a file in DER binary format.
Throws InvalidParameterException if the trust group, alias or certificateFile is empty or null or if the file cannot be written to.
Throws NotFoundException if the certificate does not exist in the trust group
Operation Name "copyToDER"Parameters Object [] { trustGroup, alias, certificateFile }where:
trustGroup is an object of typejava.lang.String that specifies:
- The trust group to the certificate is registered under. It must not be empty or null. Trust Groups are case-insensitive.
alias is an object of typejava.lang.String that specifies:
- The alias the certificate is registered under. It must not be empty or null. Aliases are case-insensitive.
certificateFile is an object of typejava.lang.String that specifies:
- The pathname (relative to the directory the admin server is booted from) of the file to write the certificate to.
Signature String [] { "java.lang.String", "java.lang.String", "java.lang.String" }Returns voidExceptions
weblogic.management.utils.NotFoundException
weblogic.management.utils.InvalidParameterException
copyToJKS
writes all certificates in a trust group to a JKS.
Throws InvalidParameterException if the trust group or certificateFile is empty or null or if the file cannot be written to.
Throws NotFoundException if the trust group does not exist in the registry.
Throws ErrorCollectionException if errors happen when write any certificate to the JKS file.
Operation Name "copyToJKS"Parameters Object [] { trustGroup, JKSFile }where:
trustGroup is an object of typejava.lang.String that specifies:
- The trustgroup to the certificate was registered under. It must not be empty or null. Trust Groups are case-insensitive.
JKSFile is an object of typejava.lang.String that specifies:
- The pathname (relative to the directory the admin server is booted from) of the file to write the certificates to.
Signature String [] { "java.lang.String", "java.lang.String" }Returns voidExceptions
weblogic.management.utils.NotFoundException
weblogic.management.utils.InvalidParameterException
weblogic.management.utils.ErrorCollectionException
copyToPEM
writes a certificate in the registry to a file in PEM base64 encoded format.
Throws InvalidParameterException if alias or certificateFile is empty or null or if the file cannot be written to.
Operation Name "copyToPEM"Parameters Object [] { alias, certificateFile }where:
alias is an object of typejava.lang.String that specifies:
- The alias the certificate is registered under. It must not be empty or null. Aliases are case-insensitive.
certificateFile is an object of typejava.lang.String that specifies:
- The pathname (relative to the directory the admin server is booted from) of the file to write the certificate to.
Signature String [] { "java.lang.String", "java.lang.String" }Returns voidExceptions
weblogic.management.utils.NotFoundException
weblogic.management.utils.InvalidParameterException
copyToPEM
writes a certificate in a trust group to a file in PEM base64 encoded format.
Throws InvalidParameterException if the trust group, alias or certificateFile is empty or null or if the file cannot be written to.
Throws NotFoundException if the certificate does not exist in the trust group
Operation Name "copyToPEM"Parameters Object [] { trustGroup, alias, certificateFile }where:
trustGroup is an object of typejava.lang.String that specifies:
- The trust group to the certificate is registered under. It must not be empty or null. Trust groups are case-insensitive.
alias is an object of typejava.lang.String that specifies:
- The alias the certificate is registered under. It must not be empty or null. Aliases are case-insensitive.
certificateFile is an object of typejava.lang.String that specifies:
- The pathname (relative to the directory the admin server is booted from) of the file to write the certificate to.
Signature String [] { "java.lang.String", "java.lang.String", "java.lang.String" }Returns voidExceptions
weblogic.management.utils.NotFoundException
weblogic.management.utils.InvalidParameterException
createTrustGroup
Create an empty trust group in the registry.
Throws AlreadyExistsException if the trust group already registered to the registry.
Throws InvalidParameterException if the trust group is empty or null.
Operation Name "createTrustGroup"Parameters Object [] { TrustGroup }where:
TrustGroup is an object of typejava.lang.String that specifies:
- The trust group to register the certificate under. It must not be empty or null. Trust groups are case-insensitive.
Signature String [] { "java.lang.String" }Returns voidExceptions
weblogic.management.utils.AlreadyExistsException
weblogic.management.utils.InvalidParameterException
exportData
Exports provider specific data in a specified format. When errors occur, the MBean throws an ErrorCollectionException containing a list of
java.lang.Exceptions, where the text of each exception describes the error.
Operation Name "exportData"Parameters Object [] { format, filename, constraints }where:
format is an object of typejava.lang.String that specifies:
- The format for exporting provider specific data.
filename is an object of typejava.lang.String that specifies:
- The full path to the filename used to write data.
constraints is an object of typejava.util.Properties that specifies:
- The constraints to be used when exporting data. A null value indicates that all data will be exported.
Signature String [] { "java.lang.String", "java.lang.String", "java.util.Properties" }Returns voidExceptions
weblogic.management.utils.InvalidParameterException
weblogic.management.utils.ErrorCollectionException
getCertificate
Retrieves a certificate from the registry.
Throws NotFoundException if alias does not exist in the registry.
Operation Name "getCertificate"Parameters Object [] { alias }where:
alias is an object of typejava.lang.String that specifies:
- The alias the certificate is registered under. It must not be empty or null. Aliases are case-insensitive.
Signature String [] { "java.lang.String" }Returns X509CertificateExceptions
weblogic.management.utils.NotFoundException
weblogic.management.utils.InvalidParameterException
getCertificate
Retrieves a certificate from the registry.
Throws NotFoundException if alias does not exist in the registry.
Throws InvalidParameterException if the alias or trust group is null or empty.
Operation Name "getCertificate"Parameters Object [] { trustGroup, alias }where:
trustGroup is an object of typejava.lang.String that specifies:
- The trustgroup to get certificate under. It must not be empty or null. Trust Groups are case-insensitive.
alias is an object of typejava.lang.String that specifies:
- The alias the certificate is registered under. It must not be empty or null. Aliases are case-insensitive.
Signature String [] { "java.lang.String", "java.lang.String" }Returns X509CertificateExceptions
weblogic.management.utils.NotFoundException
weblogic.management.utils.InvalidParameterException
getCurrentName
The name of the current item in the list. Returns null if there is no current item.
Operation Name "getCurrentName"Parameters Object [] { cursor }where:
cursor is an object of typejava.lang.String that specifies:
- The cursor returned from a previous list method.
Signature String [] { "java.lang.String" }Returns StringExceptions
weblogic.management.utils.InvalidCursorException
getTrustGroups
Retrieves all the trust groups that has a given alias registered under.
Throws NotFoundException if alias does not exist in the registry.
Throws InvalidParameterException if the alias is null or empty.
Operation Name "getTrustGroups"Parameters Object [] { alias }where:
alias is an object of typejava.lang.String that specifies:
- The alias the certificate is registered under. It must not be empty or null. Aliases are case-insensitive.
Signature String [] { "java.lang.String" }Returns classExceptions
weblogic.management.utils.InvalidParameterException
haveCurrent
Returns true if there are more objects in the list, and false otherwise.
Operation Name "haveCurrent"Parameters Object [] { cursor }where:
cursor is an object of typejava.lang.String that specifies:
- The cursor returned from a previous list method.
Signature String [] { "java.lang.String" }Returns booleanExceptions
weblogic.management.utils.InvalidCursorException
importData
Imports provider specific data from a specified format. When errors occur, the MBean throws an ErrorCollectionException containing a list of
java.lang.Exceptions, where the text of each exception describes the error.
Operation Name "importData"Parameters Object [] { format, filename, constraints }where:
format is an object of typejava.lang.String that specifies:
- The format for importing provider specific data.
filename is an object of typejava.lang.String that specifies:
- The full path to the filename used to read data.
constraints is an object of typejava.util.Properties that specifies:
- The constraints to be used when importing data. A null value indicates that all data will be imported.
Signature String [] { "java.lang.String", "java.lang.String", "java.util.Properties" }Returns voidExceptions
weblogic.management.utils.InvalidParameterException
weblogic.management.utils.ErrorCollectionException
isAliasRegistered
Determines whether or not an alias was registered in the registry.
Return true if the alias exists in the registry otherwise return false.
Throws InvalidParameterException if the alias is empty or null.
Operation Name "isAliasRegistered"Parameters Object [] { alias }where:
alias is an object of typejava.lang.String that specifies:
- The alias the certificate is registered under. It must not be empty or null. Aliases are case-insensitive.
Signature String [] { "java.lang.String" }Returns booleanExceptions
weblogic.management.utils.InvalidParameterException
isSet
Returns true if the specified attribute has been set explicitly in this MBean instance.
Operation Name "isSet"Parameters Object [] { propertyName }where:
propertyName is an object of typejava.lang.String that specifies:
property to check
Signature String [] { "java.lang.String" }Returns booleanExceptions
java.lang.IllegalArgumentException
listAliases
Lists the registered aliases that match a wild card.
Returns a String containing a cursor that may be passed into the NameListerMBean methods to read the list. The getCurrentName method returns the current alias on the list.
Operation Name "listAliases"Parameters Object [] { aliasWildcard, maxToReturn }where:
aliasWildcard is an object of typejava.lang.String that specifies:
- A wild card used to select aliases. It supports three formats: "*" matches all aliases. "foo*" matches all aliases starting with the string "foo". "foo" matches the alias "foo" only. The matches are case-insensitive.
maxToReturn is an object of typejava.lang.Integer that specifies:
- The maximum number of aliases this method may return. If there are more matches than this maximum, then the returned results are arbitrary because this method does not sort the results. Set this parameter to zero to return all matching aliases.
Signature String [] { "java.lang.String", "java.lang.Integer" }Returns StringExceptions
weblogic.management.utils.InvalidCursorException
weblogic.management.utils.InvalidParameterException
listAliasesByTrustGroup
Lists the registered aliases that match a wild card in a given trust group.
Returns a String containing a cursor that may be passed into the NameListerMBean methods to read the list. The getCurrentName method returns the current alias on the list.
Throws InvalidCursorException.
Throws InvalidParameterException if the trust group or wild card is empty or null.
Operation Name "listAliasesByTrustGroup"Parameters Object [] { trustGroup, aliasWildcard, maxToReturn }where:
trustGroup is an object of typejava.lang.String that specifies:
- The trust group to list certificates under. It must not be empty or null. Trust groups are case-insensitive.
aliasWildcard is an object of typejava.lang.String that specifies:
- A wild card used to select aliases. It supports three formats: "*" matches all aliases. "foo*" matches all aliases starting with the string "foo". "foo" matches the alias "foo" only. The matches are case-insensitive.
maxToReturn is an object of typejava.lang.Integer that specifies:
- The maximum number of aliases this method may return. If there are more matches than this maximum, then the returned results are arbitrary because this method does not sort the results. Set this parameter to zero to return all matching aliases.
Signature String [] { "java.lang.String", "java.lang.String", "java.lang.Integer" }Returns StringExceptions
weblogic.management.utils.InvalidCursorException
weblogic.management.utils.InvalidParameterException
listTrustGroups
Lists the registered trust groups that match a wild card.
Returns a String containing a cursor that may be passed into the NameListerMBean methods to read the list. The getCurrentName method returns the current trust group on the list.
Throws InvalidCursorException.
Throws InvalidParameterException if the trust group is empty or null.
Operation Name "listTrustGroups"Parameters Object [] { trustGroupWildcard, maxToReturn }where:
trustGroupWildcard is an object of typejava.lang.String that specifies:
- A wild card used to select trust groups. It supports three formats: "*" matches all trust groups. "foo*" matches all trust groups starting with the string "foo". "foo" matches the trust groups "foo" only. The matches are case-insensitive.
maxToReturn is an object of typejava.lang.Integer that specifies:
- The maximum number of trust groups this method may return. If there are more matches than this maximum, then the returned results are arbitrary because this method does not sort the results. Set this parameter to zero to return all matching trust groups.
Signature String [] { "java.lang.String", "java.lang.Integer" }Returns StringExceptions
weblogic.management.utils.InvalidCursorException
weblogic.management.utils.InvalidParameterException
registerCertificate
Registers an end certificate in the registry under an alias.
Throws InvalidParameterException if the alias or certificateFile is empty or null or if the file does not exist or cannot be read.
Operation Name "registerCertificate"Parameters Object [] { alias, certificateFile }where:
alias is an object of typejava.lang.String that specifies:
- The alias to register the certificate under. It must not be empty or null. Aliases are case-insensitive.
certificateFile is an object of typejava.lang.String that specifies:
- The pathname (relative to the directory the admin server is booted from) of a PEM or DER file containing the certificate to be registered.
Signature String [] { "java.lang.String", "java.lang.String" }Returns voidExceptions
weblogic.management.utils.AlreadyExistsException
weblogic.management.utils.InvalidParameterException
registerCertificate
Registers an end certificate from a file in to a list of trust group under an alias.
Throws ErrorCollectionException containing any errors when register the certificate to a trust group.However, the certificate is registered to other trust group.
Throws InvalidParameterException if the trust groups, alias or certificateFile is empty or null or if the file does not exist or cannot be read.
Operation Name "registerCertificate"Parameters Object [] { trustGroups, alias, certificateFile }where:
trustGroups is an object of type[Ljava.lang.String; that specifies:
- The trust groups to register the certificate under. It must not be empty or null. Trust groups are case-insensitive.
alias is an object of typejava.lang.String that specifies:
- The alias to register the certificate under. It must not be empty or null. Aliases are case-insensitive.
certificateFile is an object of typejava.lang.String that specifies:
- The pathname (relative to the directory the admin server is booted from) of a PEM or DER file containing the certificate to be registered.
Signature String [] { "[Ljava.lang.String;", "java.lang.String", "java.lang.String" }Returns voidExceptions
weblogic.management.utils.ErrorCollectionException
weblogic.management.utils.InvalidParameterException
removeCertificate
Remove an end certificate from the registry which means it is also unregistered from trust groups (if any).
Throws InvalidParameterException if alias is empty or null.
Throws NotFoundException if the alias does not found in the registry.
Operation Name "removeCertificate"Parameters Object [] { alias }where:
alias is an object of typejava.lang.String that specifies:
- The alias the certificate is registered under. It must not be empty or null. Aliases are case-insensitive.
Signature String [] { "java.lang.String" }Returns voidExceptions
weblogic.management.utils.NotFoundException
weblogic.management.utils.InvalidParameterException
removeTrustGroup
Remove an trust group from the registry.
Throws NotFoundException if the trust group does not exist in the registry.
Throws InvalidParameterException if the trust group is empty or null.
Operation Name "removeTrustGroup"Parameters Object [] { trustGroup }where:
trustGroup is an object of typejava.lang.String that specifies:
- The trust group to unregister the certificate under. It must not be empty or null. Trust groups are case-insensitive.
Signature String [] { "java.lang.String" }Returns voidExceptions
weblogic.management.utils.NotFoundException
weblogic.management.utils.InvalidParameterException
trustGroupExists
Determines whether or not a trust group exists in the registry.
Return true if the trust group exists in the registry otherwise return false.
Throws InvalidParameterException if the trust group is empty or null.
Operation Name "trustGroupExists"Parameters Object [] { trustGroup }where:
trustGroup is an object of typejava.lang.String that specifies:
- The trustGroup is registered. It must not be empty or null. Trust groups are case-insensitive.
Signature String [] { "java.lang.String" }Returns booleanExceptions
weblogic.management.utils.InvalidParameterException
unregisterCertificate
Unregisters an end certificate from trust groups.
Throws InvalidParameterException if alias is empty or null or the given trust groups is empty or null.
Throws ErrorCollectionException if the alias does not found in any of the trust group given. However, the certificate is unregistered from other trust groups.
Operation Name "unregisterCertificate"Parameters Object [] { trustGroups, alias }where:
trustGroups is an object of type[Ljava.lang.String; that specifies:
- The trust group to register the certificate under. It must not be empty or null. Trust Groups are case-insensitive.
alias is an object of typejava.lang.String that specifies:
- The alias the certificate is registered under. It must not be empty or null. Aliases are case-insensitive.
Signature String [] { "[Ljava.lang.String;", "java.lang.String" }Returns voidExceptions
weblogic.management.utils.ErrorCollectionException
weblogic.management.utils.InvalidParameterException
unregisterCertificate
Unregisters an end certificate from the registry.
Throws InvalidParameterException if alias is empty or null.
Operation Name "unregisterCertificate"Parameters Object [] { alias }where:
alias is an object of typejava.lang.String that specifies:
- The alias the certificate is registered under. It must not be empty or null. Aliases are case-insensitive.
Signature String [] { "java.lang.String" }Returns voidExceptions
weblogic.management.utils.NotFoundException
weblogic.management.utils.InvalidParameterException
unSet
Restore the given property to its default value.
Operation Name "unSet"Parameters Object [] { propertyName }where:
propertyName is an object of typejava.lang.String that specifies:
property to restore
Signature String [] { "java.lang.String" }Returns voidExceptions
java.lang.IllegalArgumentException
UnsupportedOperationException if called on a runtime implementation.
wls_getDisplayName
Operation Name "wls_getDisplayName"Parameters nullSignature nullReturns String