Certificate Sampler Custom Publisher

This describes the Certificate Sampler Custom Publisher, which enables controlled storage of published certificates using configurable sampling rules per certificate profile.

The Certificate Sampler Custom Publisher is a built-in custom publisher that stores published certificates in a configured directory based on sampling rules. It supports flexible control over which certificates are retained, allowing per-profile configuration to store all certificates, none, or a statistically defined subset.

This is useful for testing, auditing, or limiting storage overhead while still retaining representative certificate samples.

Configure Certificate Sampler Custom Publisher

To configure the Certificate Sampler Custom Publisher:

  1. In EJBCA, go to Manage Publishers and add or edit the Certificate Sampler Custom Publisher:

  2. Publisher type: Custom Publisher

  3. Class Path: org.ejbca.core.model.ca.publisher.CertificateSamplerCustomPublisher

  4. Properties of Custom Publisher:

    XML
    outputfolder=/tmp/sampledcertificates/
    default.samplingmethod=SAMPLE_ALL
    
    profileid.2234644354.samplingmethod=SAMPLE_NONE
    profileid.1645141026.samplingmethod=SAMPLE_PROBABILISTIC
    profileid.1645141026.pvalue=0.25 
    
  5. Click Save and Test Connection to validate settings and ensure the output directory and class configuration are correct.

  6. Finally, assign the publisher to the relevant certificate profiles.

In the example above:

  • Certificate profile 2234644354 stores no certificates

  • Certificate profile 1645141026 stores approximately 25% of certificates

  • All other profiles use the default behavior and store all certificates