Implementing the WSPKIClient interface enables WebSphere® Application Server security to communicate with a remote certificate authority (CA).
public void init(java.util.HashMap initAttrs) throws WSPKIException;
This
method is called by WebSphere Application Server
runtime to set up connection information to a CA.public X509Certificate[] requestCertificate(byte[] certReq,
X500Principal SubjectDN, byte[] revocationPassword,
java.util.HashMap customAttrs) throws WSPKIException;
This
method is called by WebSphere Application Server
runtime to connect to a CA and requests a certificate signed by the
authority. A X509Certificate[] is returned if the requested certificate
is created. If a null is returned then queryCertificate() is called
to check if the certificate is ready. This method is used when the
CA requires manual intervention to process a certificate request.You can invoke this operation from the administrative console using the Creating a CA certificate in SSL task and from a client using the requestCertificate script.
public void revokeCertificate(X509Certificate[] cert, byte[] revocationPassword,
String revocationReason, java.util.HashMap customAttrs) throws WSPKIException;
This
method called by WebSphere Application Server runtime to
submit a request to a CA to revoke a certificate.You can invoke this operation from the administrative console using the revoke CA certificate task, Revoking a CA certificate in SSL, or using the revokeCertificate script.
public X509Certificate[] queryCertificate(byte[] certReq,
java.util.HashMap customAttrs) throws WSPKIException;
This
method is called by WebSphere Application Server
runtime to query if certificate creation is completed on the CA.
A X509Certificate[] is returned if certificate request is complete.
A null is returned if the certificate request is pending.You perform this operation from the administrative console using the Query (link to usec_sslperscertreqs.html) option, see Personal certificate requests collectionand from a client using the queryCertificate script.