mirror of https://github.com/shred/acme4j
Single method to get the certificate
parent
6a24d85364
commit
318aeaab9d
|
@ -143,7 +143,9 @@ public class Order extends AcmeJsonResource implements PollableResource {
|
|||
@SuppressFBWarnings("EI_EXPOSE_REP") // behavior is intended
|
||||
public Certificate getCertificate() {
|
||||
if (certificate == null) {
|
||||
certificate = getJSON().get("certificate")
|
||||
certificate = getJSON().get("star-certificate")
|
||||
.optional()
|
||||
.or(() -> getJSON().get("certificate").optional())
|
||||
.map(Value::asURL)
|
||||
.map(getLogin()::bindCertificate)
|
||||
.orElseThrow(() -> new IllegalStateException("Order is not completed"));
|
||||
|
@ -159,7 +161,9 @@ public class Order extends AcmeJsonResource implements PollableResource {
|
|||
* if the order is not ready yet. You must finalize the order first, and wait
|
||||
* for the status to become {@link Status#VALID}. It is also thrown if the
|
||||
* order has been {@link Status#CANCELED}.
|
||||
* @deprecated Use {@link #getCertificate()} for STAR certificates as well.
|
||||
*/
|
||||
@Deprecated
|
||||
@SuppressFBWarnings("EI_EXPOSE_REP") // behavior is intended
|
||||
public Certificate getAutoRenewalCertificate() {
|
||||
if (autoRenewalCertificate == null) {
|
||||
|
@ -172,6 +176,16 @@ public class Order extends AcmeJsonResource implements PollableResource {
|
|||
return autoRenewalCertificate;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns whether this is a STAR certificate ({@code true}) or a standard certificate
|
||||
* ({@code false}).
|
||||
*
|
||||
* @since 3.5.0
|
||||
*/
|
||||
public boolean isAutoRenewalCertificate() {
|
||||
return getJSON().contains("star-certificate");
|
||||
}
|
||||
|
||||
/**
|
||||
* Finalizes the order.
|
||||
* <p>
|
||||
|
|
|
@ -201,6 +201,7 @@ public class OrderTest {
|
|||
.isEqualTo("2016-01-01T00:00:00Z");
|
||||
softly.assertThat(order.getNotAfter().orElseThrow())
|
||||
.isEqualTo("2016-01-08T00:00:00Z");
|
||||
softly.assertThat(order.isAutoRenewalCertificate()).isFalse();
|
||||
softly.assertThat(order.getCertificate().getLocation())
|
||||
.isEqualTo(url("https://example.com/acme/cert/1234"));
|
||||
softly.assertThatIllegalStateException()
|
||||
|
@ -284,8 +285,9 @@ public class OrderTest {
|
|||
var order = login.bindOrder(locationUrl);
|
||||
|
||||
try (var softly = new AutoCloseableSoftAssertions()) {
|
||||
softly.assertThatIllegalStateException()
|
||||
.isThrownBy(order::getCertificate);
|
||||
softly.assertThat(order.isAutoRenewalCertificate()).isTrue();
|
||||
softly.assertThat(order.getCertificate().getLocation())
|
||||
.isEqualTo(url("https://example.com/acme/cert/1234"));
|
||||
softly.assertThat(order.getAutoRenewalCertificate().getLocation())
|
||||
.isEqualTo(url("https://example.com/acme/cert/1234"));
|
||||
softly.assertThat(order.isAutoRenewing()).isTrue();
|
||||
|
|
|
@ -2,6 +2,10 @@
|
|||
|
||||
This document will help you migrate your code to the latest _acme4j_ version.
|
||||
|
||||
## Migration to Version 3.5.0
|
||||
|
||||
- If you use STAR auto renewal certificates, you can now use `Order.getCertificate()` instead of `Order.getAutoRenewalCertificate()` to retrieve the STAR certificate. `Order.getAutoRenewalCertificate()` is marked as deprecated, but still functional. The new method `Order.isAutoRenewalCertificate()` can be used to check if the order resulted in a standard or auto-renewing certificate.
|
||||
|
||||
## Migration to Version 3.4.0
|
||||
|
||||
- To be futureproof, you should wait for your `Order` resource's state to become `READY` before invoking `Order.execute()`. Most CAs change to the `READY` state immediately, but this behavior is not specified in RFC8555. Future CA implementations may stay in `PENDING` state for a short while, and would return an error if `execute()` is invoked too early. Also see the [example](example.md#the-main-workflow) for how wait for the `READY` state.
|
||||
|
|
|
@ -47,9 +47,6 @@ You can also use `autoRenewalStart()`, `autoRenewalEnd()`, `autoRenewalLifetime(
|
|||
|
||||
The `Metadata` object also holds the accepted renewal limits (see `Metadata.getAutoRenewalMinLifetime()` and `Metadata.getAutoRenewalMaxDuration()`).
|
||||
|
||||
!!! important
|
||||
After your order is finalized, you must use `Order.getAutoRenewalCertificate()` to retrieve a STAR certificate! Do not use `Order.getCertificate()` here.
|
||||
|
||||
The STAR certificates are automatically renewed by the CA. You will always find the latest certificate at the certificate location URL.
|
||||
|
||||
To download the latest certificate issue, you can bind the certificate URL to your `Login` and then use the `Certificate` object.
|
||||
|
|
Loading…
Reference in New Issue