Package io.netty.pkitesting
Class RevocationServer
- java.lang.Object
-
- io.netty.pkitesting.RevocationServer
-
public final class RevocationServer extends java.lang.Object
A simple HTTP server that serves Certificate Revocation Lists.Issuer certificates can be registered with the server, and revocations of their certificates and be published and added to the revocation lists.
The server is only intended for testing usage, and runs entirely in a single thread.
-
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description java.net.URI
getCrlUri(X509Bundle issuer)
Get the URI of the Certificate Revocation List for the given issuer.static RevocationServer
getInstance()
Get the shared revocation server instance.void
register(X509Bundle issuer)
Register an issuer with the revocation server.void
revoke(X509Bundle cert, java.time.Instant time)
Revoke the given certificate with the given revocation time.
-
-
-
Method Detail
-
getInstance
public static RevocationServer getInstance() throws java.lang.Exception
Get the shared revocation server instance. This will start the server, if it isn't already running, and bind it to a random port on the loopback address.- Returns:
- The revocation server instance.
- Throws:
java.lang.Exception
- If the server failed to start.
-
register
public void register(X509Bundle issuer)
Register an issuer with the revocation server. This must be done before CRLs can be served for that issuer, and before any of its certificates can be revoked.- Parameters:
issuer
- The issuer to register.
-
revoke
public void revoke(X509Bundle cert, java.time.Instant time)
Revoke the given certificate with the given revocation time.The issuer of the given certificate must be registered before its certifiactes can be revoked.
- Parameters:
cert
- The certificate to revoke.time
- The time of revocation.
-
getCrlUri
public java.net.URI getCrlUri(X509Bundle issuer)
Get the URI of the Certificate Revocation List for the given issuer.- Parameters:
issuer
- The issuer to get the CRL for.- Returns:
- The URI to the CRL for the given issuer,
or
null
if the issuer is not registered.
-
-