Package jetbrains.buildServer.serverSide.impl.ssl.acme

Class LetsEncryptAcmeService

java.lang.Object

jetbrains.buildServer.serverSide.impl.ssl.acme.LetsEncryptAcmeService

All Implemented Interfaces:

AcmeService, TeamCityExtension

public class LetsEncryptAcmeService
extends Object
implements AcmeService

Constructor Summary

Constructors

Constructor	Description
LetsEncryptAcmeService(ServerSettings serverSettings)

Method Summary

Modifier and Type	Method	Description
String	getDomain(String url)	Receives domain for certificate order.
Pair<Collection<Certificate>,KeyPair>	getSignedCertificate(KeyPair keyPair, URL orderUrl)	Receive signed certificate with authorized key pair
String	getTermsOfService()	Returns terms of service.
AcmeOrder	initializeHttp01Challenge(KeyPair keyPair)	Initializes HTTP-01 challenge.
KeyPair	registerAccount()	Register new ACME account
void	revokeCertificate(KeyPair keyPair, Certificate certificate)	Revokes certificate using ACME account that ordered it
void	triggerHttp01Challenge(KeyPair keyPair, URL orderUrl)	Triggers the HTTP-01 challenge for provided key pair's order.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

LetsEncryptAcmeService

public LetsEncryptAcmeService(@NotNull
                              ServerSettings serverSettings)

Method Detail

registerAccount

public KeyPair registerAccount()
                        throws AcmeServiceException

Description copied from interface: AcmeService

Register new ACME account

Specified by:

registerAccount in interface AcmeService

Returns:

authenticated KeyPair, which can be used for issuing certificates

Throws:

AcmeServiceException - on failed registration or invalid key pair

initializeHttp01Challenge

public AcmeOrder initializeHttp01Challenge(@NotNull
                                           KeyPair keyPair)
                                    throws AcmeServiceException

Description copied from interface: AcmeService

Initializes HTTP-01 challenge. Returns required file name and file contents.

Specified by:

initializeHttp01Challenge in interface AcmeService

Parameters:

keyPair - key pair which will be used for order

Returns:

AcmeOrder with required file name, required file contents and order URL

Throws:

AcmeServiceException - on invalid key pair or networking errors

triggerHttp01Challenge

public void triggerHttp01Challenge(@NotNull
                                   KeyPair keyPair,
                                   @NotNull
                                   URL orderUrl)
                            throws AcmeServiceException

Description copied from interface: AcmeService

Triggers the HTTP-01 challenge for provided key pair's order. On success, the key pair is considered authorized.

Specified by:

triggerHttp01Challenge in interface AcmeService

Parameters:

keyPair - key pair representing ACME account

orderUrl - URL of order

Throws:

AcmeServiceException - on failed confirmation, on invalid key pair, or when the order do not have initialized challenge

getSignedCertificate

public Pair<Collection<Certificate>,KeyPair> getSignedCertificate(@NotNull
                                                                        KeyPair keyPair,
                                                                        @NotNull
                                                                        URL orderUrl)
                                                                 throws AcmeServiceException

Description copied from interface: AcmeService

Receive signed certificate with authorized key pair

Specified by:

getSignedCertificate in interface AcmeService

Parameters:

keyPair - authorized key pair

orderUrl - URL of order

Returns:

pair of signed certificate chain in collection and domain key pair. Please note that it's not equal to ACME account key pair. First certificate in this chain must be end-entity.

Throws:

AcmeServiceException - if key pair is not authorized in ACME server, or if certificate fetch has failed

revokeCertificate

public void revokeCertificate(@NotNull
                              KeyPair keyPair,
                              @NotNull
                              Certificate certificate)
                       throws AcmeServiceException

Description copied from interface: AcmeService

Revokes certificate using ACME account that ordered it

Specified by:

revokeCertificate in interface AcmeService

Parameters:

keyPair - key pair of account that ordered certificate

certificate - certificate to revoke

Throws:

AcmeServiceException - on unauthorized/incorrect key pair or if revocation has failed

getTermsOfService

@Nullable
public String getTermsOfService()
                         throws AcmeServiceException

Description copied from interface: AcmeService

Returns terms of service.

Specified by:

getTermsOfService in interface AcmeService

Returns:

string with terms of service

Throws:

AcmeServiceException - on connection failures

getDomain

@NotNull
public String getDomain(@NotNull
                        String url)

Receives domain for certificate order.

Parameters:

url -

Returns:

domain