This describes the Certificate Sampler Custom Publisher, which enables controlled storage of published certificates using configurable sampling rules per certificate profile.
The Certificate Sampler Custom Publisher is a built-in custom publisher that stores published certificates in a configured directory based on sampling rules. It supports flexible control over which certificates are retained, allowing per-profile configuration to store all certificates, none, or a statistically defined subset.
This is useful for testing, auditing, or limiting storage overhead while still retaining representative certificate samples.
Configure Certificate Sampler Custom Publisher
To configure the Certificate Sampler Custom Publisher:
-
In EJBCA, go to Manage Publishers and add or edit the Certificate Sampler Custom Publisher:
-
Publisher type: Custom Publisher
-
Class Path:
org.ejbca.core.model.ca.publisher.CertificateSamplerCustomPublisher -
Properties of Custom Publisher:
XMLoutputfolder=/tmp/sampledcertificates/ default.samplingmethod=SAMPLE_ALL profileid.2234644354.samplingmethod=SAMPLE_NONE profileid.1645141026.samplingmethod=SAMPLE_PROBABILISTIC profileid.1645141026.pvalue=0.25 -
Click Save and Test Connection to validate settings and ensure the output directory and class configuration are correct.
-
Finally, assign the publisher to the relevant certificate profiles.
In the example above:
-
Certificate profile
2234644354stores no certificates -
Certificate profile
1645141026stores approximately 25% of certificates -
All other profiles use the default behavior and store all certificates