One custom publisher called CertificateSamplerPublisher can be used to store published certificates to a configured directory. Different sampling methods can be specified per certificate profile, either storing every certificate, no certificate or randomly with a configured probability.
To use the CertificateSamplerCustomerPublisher, select Edit Publishers in the Administration GUI, create a new publisher and edit it.
- Publisher type: Custom Publisher
- Class Path: org.ejbca.core.model.ca.publisher.CertificateSamplerCustomPublisher
- Properties of Custom Publisher:
outputfolder=/tmp/sampledcertificates/
default.samplingmethod=SAMPLE_ALL
profileid.2234644354.samplingmethod=SAMPLE_NONE
profileid.1645141026.samplingmethod=SAMPLE_PROBABILISTIC
profileid.1645141026.pvalue=0.25
XML
and click Save and Test Connection to save the entered information and validate that the entered configuration is correct. Select the publisher in the relevant certificate profiles.
In the example above the certificate profile with id 2234644354 will not have any certificates stored. The profile with id 1645141026 will have about 25% of the certificates stored and for all other profiles all certificates will be sampled.