Package com.digicert.validation

Class DcvConfiguration.DcvConfigurationBuilder

java.lang.Object
com.digicert.validation.DcvConfiguration.DcvConfigurationBuilder
Enclosing class:
DcvConfiguration
public static class DcvConfiguration.DcvConfigurationBuilder extends Object
Builder class for Domain Control Validation (DCV) configuration.

  • Field Details

    • dcvConfiguration

      private final DcvConfiguration dcvConfiguration
      The DcvConfiguration instance to be built.

  • Constructor Details

    • DcvConfigurationBuilder

      public DcvConfigurationBuilder()
      Constructs a new DcvConfigurationBuilder.

  • Method Details

    • dnsTimeout

      public DcvConfiguration.DcvConfigurationBuilder dnsTimeout(int dnsTimeout)
      Set the DNS timeout (in milliseconds). Note that this is the timeout for each individual DNS query, so the total time spent on DNS queries could be significantly longer due to retries and redirects.
      Parameters:
      dnsTimeout - the DNS timeout in milliseconds
      Returns:
      the builder instance
      Throws:
      IllegalArgumentException - if dnsTimeout is negative

    • dnsRetries

      public DcvConfiguration.DcvConfigurationBuilder dnsRetries(int dnsRetries)
      Set the number of times to retry a DNS query before giving up.
      Parameters:
      dnsRetries - the number of DNS retries
      Returns:
      the builder instance
      Throws:
      IllegalArgumentException - if dnsRetries is negative

    • dnsServers

      public DcvConfiguration.DcvConfigurationBuilder dnsServers(List<String> dnsServers)
      Set the list of DNS servers to use for DNS lookups. These are the IP Addresses that will be queried for DNS records.

      Each server on the list can optionally include a port number, separated by a colon. For example, "10.1.2.3:53". Each server beyond the first will only be queried if the previous server fails or does not return any records.

      Parameters:
      dnsServers - The list of DNS servers to use.
      Returns:
      The builder instance.
      Throws:
      IllegalArgumentException - if the dnsServers list is null or empty.

    • whoisEmailProvider

      public DcvConfiguration.DcvConfigurationBuilder whoisEmailProvider(WhoisEmailProvider whoisEmailProvider)
      Use a custom WhoIs provider. This can allow for querying different WhoIs hosts for different TLDs and using different WhoIs parsers for those different hosts.
      Parameters:
      whoisEmailProvider - custom WhoisEmailProvider
      Returns:
      DcvConfigurationBuilder configured with the provided whoisEmailProvider.

    • dnsDomainLabel

      public DcvConfiguration.DcvConfigurationBuilder dnsDomainLabel(String dnsDomainLabel)
      Set the prefix domain label to use with DNS Change validation.

      The baseline requirements for the 3.2.2.4.7 DNS Change method allows for the domain to be "prefixed with a Domain Label that begins with an underscore character." With the default value of "_dnsauth.", the library would look for DNS records at "example.com" and "_dnsauth.example.com".

      Parameters:
      dnsDomainLabel - the DNS domain label
      Returns:
      the builder instance
      Throws:
      IllegalArgumentException - if dnsDomainLabel is null, empty, or does not start with an underscore

    • fileValidationConnectTimeout

      public DcvConfiguration.DcvConfigurationBuilder fileValidationConnectTimeout(int fileValidationConnectTimeout)
      Set the timeout in milliseconds for connecting to a server while performing file validation.

      Default value is 2000 milliseconds.

      Parameters:
      fileValidationConnectTimeout - the file validation connect timeout in milliseconds
      Returns:
      the builder instance
      Throws:
      IllegalArgumentException - if fileValidationConnectTimeout is negative

    • fileValidationReadTimeout

      public DcvConfiguration.DcvConfigurationBuilder fileValidationReadTimeout(int fileValidationReadTimeout)
      Set the timeout in milliseconds for reading data from a server while performing file validation.

      Default value is 5000 milliseconds.

      Parameters:
      fileValidationReadTimeout - the file validation read timeout in milliseconds
      Returns:
      the builder instance
      Throws:
      IllegalArgumentException - if fileValidationReadTimeout is negative

    • fileValidationMaxBodyLength

      public DcvConfiguration.DcvConfigurationBuilder fileValidationMaxBodyLength(int fileValidationMaxBodyLength)
      Set the maximum length of the body for file validation responses.

      Default value is 5000 bytes.

      Parameters:
      fileValidationMaxBodyLength - the file validation max body length
      Returns:
      the builder instance
      Throws:
      IllegalArgumentException - if fileValidationMaxBodyLength is not greater than 0

    • fileValidationSocketTimeout

      public DcvConfiguration.DcvConfigurationBuilder fileValidationSocketTimeout(int fileValidationSocketTimeout)
      Set the socket timeout in milliseconds for connecting to a server while performing file validation.

      Default value is 2000 milliseconds.

      Parameters:
      fileValidationSocketTimeout - the file validation socket timeout in milliseconds
      Returns:
      the builder instance
      Throws:
      IllegalArgumentException - if fileValidationSocketTimeout is negative

    • fileValidationMaxRedirects

      public DcvConfiguration.DcvConfigurationBuilder fileValidationMaxRedirects(int fileValidationMaxRedirects)
      Set the maximum number of redirects allowed while performing file validation.

      Default value is 5.

      Parameters:
      fileValidationMaxRedirects - the file validation max redirects
      Returns:
      the builder instance
      Throws:
      IllegalArgumentException - if fileValidationMaxRedirects is negative

    • fileValidationCheckHttps

      public DcvConfiguration.DcvConfigurationBuilder fileValidationCheckHttps(Boolean fileValidationCheckHttps)
      Set the flag to indicate that the library will try both HTTP and HTTPS when performing file validation requests.

      Default value is false.

      Parameters:
      fileValidationCheckHttps - the file validation check HTTPS flag
      Returns:
      the builder instance

    • fileValidationFileName

      public DcvConfiguration.DcvConfigurationBuilder fileValidationFileName(String fileValidationFileName) throws IllegalArgumentException
      Set the default file name to use for "Agreed-Upon Change to Website v2".

      This method allows the user to specify a custom default file name for the "Agreed-Upon Change to Website v2" validation method. If validation requests do not specify a file name, this is the file name that will be used.

      Parameters:
      fileValidationFileName - the file validation file name
      Returns:
      the builder instance
      Throws:
      IllegalArgumentException - if fileValidationFileName is null, empty, contains invalid characters, or exceeds the maximum length

    • fileValidationUserAgent

      public DcvConfiguration.DcvConfigurationBuilder fileValidationUserAgent(String fileValidationUserAgent)
      Set the user agent to be used for file validation requests.

      The user agent header of a request identifies the type of client making the request. Servers can be configured to reject requests from certain user agents, so customers can be instructed to make sure that requests from this user agent are not blocked.

      Default value is "DCV-Library/1.0".

      Parameters:
      fileValidationUserAgent - the file validation user agent
      Returns:
      the builder instance
      Throws:
      IllegalArgumentException - if fileValidationUserAgent is null or empty

    • randomValueValidityPeriod

      public DcvConfiguration.DcvConfigurationBuilder randomValueValidityPeriod(int randomValueValidityPeriod)
      Set the validity period in days for random values generated during the DCV process.

      The baseline requirements specify that random value cannot be valid after 30 days (starting from the creation of the random value). The default validity period is 29 days to safeguard against corner cases that could be encountered when checking against the limit.

      Parameters:
      randomValueValidityPeriod - the random value validity period in days
      Returns:
      the builder instance
      Throws:
      IllegalArgumentException - if randomValueValidityPeriod is less than or equal to 0 or greater than 30

    • randomValueValidator

      public DcvConfiguration.DcvConfigurationBuilder randomValueValidator(RandomValueValidator randomValueValidator)
      Configure the library to use a custom random value validator.

      The random value validator is used to determine if a given response contains the random value. The default implementation does a simple check for the random value being contained anywhere in the response. A custom validator can be used to ensure random values meet other desired criteria.

      Parameters:
      randomValueValidator - the custom random value validator
      Returns:
      the builder instance
      Throws:
      IllegalArgumentException - if randomValueValidator is null

    • requestTokenValidator

      public DcvConfiguration.DcvConfigurationBuilder requestTokenValidator(RequestTokenValidator requestTokenValidator)
      Configure the library to use a custom request token validator.

      The request token validator is used to determine if a given response contains a valid request token. The default implementation handles DigiCert's request token format, which is a timestamp followed by a hash of the CSR using the hashing key as the key for the hash and the timestamp as a salt.

      Parameters:
      requestTokenValidator - the custom request token validator
      Returns:
      the builder instance
      Throws:
      IllegalArgumentException - if requestTokenValidator is null

    • randomValueGenerator

      public DcvConfiguration.DcvConfigurationBuilder randomValueGenerator(RandomValueGenerator randomValueGenerator)
      Configure the library to use a custom random value generator.

      The baseline requirements specify that random values must have at least 112 bits of entropy.

      Parameters:
      randomValueGenerator - the custom random value generator
      Returns:
      the builder instance
      Throws:
      IllegalArgumentException - if randomValueGenerator is null

    • pslOverrideSupplier

      public DcvConfiguration.DcvConfigurationBuilder pslOverrideSupplier(PslOverrideSupplier pslOverrideSupplier)
      Configure the library to use a custom PSL override supplier.

      The supplier provides Public Suffix List (PSL) overrides for handling special cases in domain validation. There are cases where the default PSL data may not be sufficient for accurate domain validation (such as when governments that own a public suffix want to obtain a certificate at the level of the suffix).

      Parameters:
      pslOverrideSupplier - the custom PSL override supplier
      Returns:
      the builder instance
      Throws:
      IllegalArgumentException - if pslOverrideSupplier is null

    • build

      public DcvConfiguration build()
      Build the DcvConfiguration instance.

      This method constructs a `DcvConfiguration` instance using the parameters set in the builder and ensures that the PslDataProvider has had data loaded.

      Returns:
      the DcvConfiguration instance