Provides the client-part of the EJBCA WS (Web Service) interface.

Introduction

This library supports EJBCA RA operations like issuing and revoking certificates.

Initialization

Before any EJBCA WS operations can be performed, the interface must be initialized.  For performance reasons it is recommendable to only do this once, like in a ServletContextListener.  Due to the fact that EJBCA requires that the calling applications are authenticated through TLS, client and trust-store certificates must also be defined during initialization.  Below is a example of an intialization procedure:
    import javax.xml.namespace.QName;
         .
         .
    class MyClass
      {
        static EjbcaWS ejbcaws;  // A single instance is enough
	         .
	         .
        void myInit ()
          {
            // Initialization code
            System.setProperty ("javax.net.ssl.trustStore", "ws-keystore.jks");
            System.setProperty ("javax.net.ssl.trustStorePassword", "foo123");  
            System.setProperty ("javax.net.ssl.keyStore", "ws-keystore.jks");
            System.setProperty ("javax.net.ssl.keyStorePassword", "foo123");      
		
            QName qname = new QName ("http://ws.protocol.core.ejbca.org/", "EjbcaWSService");
            EjbcaWSService service = new EjbcaWSService (new URL ("https://localhost:8443/ejbca/ejbcaws/ejbcaws?wsdl"), qname);
            ejbcaws = service.getEjbcaWSPort ();
          }

Using the EJBCA interface

    UserDataVOWS user = new UserDataVOWS ();
    user.setUsername ("tester");
    user.setPassword ("foo123");
    user.setClearPwd (false);
    user.setSubjectDN ("CN=Tester,C=SE");
    user.setCaName ("ManagementCA");
    user.setTokenType (UserDataVOWS.TOKEN_TYPE_USERGENERATED);
    user.setEndEntityProfileName ("EMPTY");
    user.setCertificateProfileName ("ENDUSER");
    byte[] cert_blob = ejbcaws.certificateRequest (user,
                                                   pkcs10_request_in_base64,
                                                   CertificateHelper.CERT_REQ_TYPE_PKCS10,
                                                   null,
                                                   CertificateHelper.RESPONSETYPE_CERTIFICATE).getRawData ();
The data in italics is meant to be customized for the actual installation.