A request processor is set on a CA to manipulate and change fields in an incoming CSR according to a CA's requirements when those cannot be solved using the CA's standard settings.
Use
Request Processors can be activated through the following vectors:
Protocol | Notes |
---|
CMP | Only in RA Mode |
REST | Accessible through the pkcs10enroll call. |
Web Services | Accessible through the certificateRequest call, and when using the editUser with pkcs10Request call. |
Creating a Custom Request Processor
To creatie a custom request processor:
- Implement the org.cesecore.certificates.ca.ExtendedUserDataHandler interface
- Compile your plugin into a JAR and make sure that JAR contains a manifest file under META-INF/services named org.cesecore.certificates.ca.ExtendedUserDataHandler which simply contains the canonical classname of your implementation. This will allow EJBCA's plugin manager to find your implementation
- Make sure that your custom JAR is available on the classpath during the build phase following the steps in Creating Plugins.
Current Implementations Included in EJBCA