/** * Creates a credentials object for a device based on a client certificate. * <p> * The credentials created are of type <em>x509-cert</em>. The * {@linkplain #setAuthId(String) authentication identifier} will be set to * the certificate's subject DN using the serialization format defined * by <a href="https://tools.ietf.org/html/rfc2253#section-2">RFC 2253, Section 2</a>. * * @param deviceId The device identifier. * @param certificate The device's client certificate. * @param notBefore The point in time from which on the credentials are valid. * @param notAfter The point in time until the credentials are valid. * @return The credentials. * @throws NullPointerException if device ID or certificate are {@code null}. * @throws IllegalArgumentException if the <em>not-before</em> instant does not lie * before the <em>not after</em> instant. */ public static CredentialsObject fromClientCertificate( final String deviceId, final X509Certificate certificate, final Instant notBefore, final Instant notAfter) { Objects.requireNonNull(certificate); return fromSubjectDn(deviceId, certificate.getSubjectX500Principal(), notBefore, notAfter); }
/** * Creates a credentials object for a device based on a client certificate. * <p> * The credentials created are of type <em>x509-cert</em>. The * {@linkplain #setAuthId(String) authentication identifier} will be set to * the certificate's subject DN using the serialization format defined * by <a href="https://tools.ietf.org/html/rfc2253#section-2">RFC 2253, Section 2</a>. * * @param deviceId The device identifier. * @param certificate The device's client certificate. * @param notBefore The point in time from which on the credentials are valid. * @param notAfter The point in time until the credentials are valid. * @return The credentials. * @throws NullPointerException if device ID or certificate are {@code null}. * @throws IllegalArgumentException if the <em>not-before</em> instant does not lie * before the <em>not after</em> instant. */ public static CredentialsObject fromClientCertificate( final String deviceId, final X509Certificate certificate, final Instant notBefore, final Instant notAfter) { Objects.requireNonNull(certificate); return fromSubjectDn(deviceId, certificate.getSubjectX500Principal(), notBefore, notAfter); }