A request processor is set on a CA to manipulate and change fields in an incoming CSR according to a CA's requirements when those cannot be solved using the CA's standard settings.


Request Processors can be activated through the following vectors:

CMPOnly in RA Mode
RESTAccessible through the pkcs10enroll call.
Web ServicesAccessible through the certificateRequest call, and when using the editUser with pkcs10Request call. 

Creating a Custom Request Processor

To creatie a custom request processor:

  • Implement the org.cesecore.certificates.ca.ExtendedUserDataHandler interface 
  • Compile your plugin into a JAR and make sure that JAR contains a manifest file under META-INF/services named org.cesecore.certificates.ca.ExtendedUserDataHandler which simply contains the canonical classname of your implementation. This will allow EJBCA's plugin manager to find your implementation
  • Make sure that your custom JAR is available on the classpath during the build phase following the steps in Creating Plugins

Current Implementations Included in EJBCA