4

Please guide me on how to perform following using EJBCA API:

  1. Create a Certificate using EJBCA API in Java code.
  2. Provision (Upload) the created certificate on to Application Server using EJBCA API in Java code.
  3. Validate a Certificate using EJBCA API in Java code.

Thanks,

Ravish
  • 147
  • 1
  • 4
  • 17

1 Answers1

1

Are you referring to any specific API, as there are several APIs and protocols in EJBCA? Otherwise I would suggest using standard IETF protocols for most of these.

  1. Use the CMP protocol, RFC4210. In Java you can use the BouncyCastle library that supports CMP. You can also find example code in EJBCA CMP test sources.

  2. For this there is not standard API. Every Application server is different. Is it a JBoss server? An Apache HTTP? Or a Tomcat? You can simply use a combination of the Application servers native commands and some bash scripting to provision the certificate. Unless you want to look at other tools, such as the ACME protocol?

  3. Validation typically refers to checking if the certificate is revoked or not. The best protocol to do this is OCSP, RFC6960. EJBCA fully supports OCSP, and you can again use the BouncyCastle library to write Java code to query the EJBCA OCSP responder. Sample code is also again available in EJBCA OCSP test sources.

primetomas
  • 524
  • 2
  • 5