|
%SYS
|
|
|
%SYS
|
|
Certificate Authority client. More...
Public Member Functions | |
| _.Library.String | BuildSubject (_.Library.List values) |
| Build the "-subject" argument to the "openssl req" command. More... | |
| _.Library.String | GetCertificate (_.Library.String number, _.Library.Status st) |
| Get an X.509 Certificate issued by the Certificate Authority server. More... | |
| _.XML.DataSet | ListCertificates (_.Library.String hostname, _.Library.String instance, _.Library.Status st) |
| Get a list of X.509 Certificates issued by the Certificate Authority server. More... | |
| _.Library.String | SubmitCSR (_.Library.String filename, _.Library.List attrList, _.Library.String password, _.Library.Status st) |
| Generate and submit a Certificate Signing Request to the Certificate Authority server. More... | |
Static Public Member Functions | |
| _.Library.String | Configure (PKI.CAClient client, _.Library.Status st) |
| Configure this Certificate Authority client. More... | |
Public Attributes | |
| AttributePrompt | |
| Prompts to use when building a List for constructing a Subject Distinguished Name. More... | |
| AttributeType | |
| Attribute type keywords to use when building the "-subject" argument to the "openssl req" command. More... | |
| ContactEmail | |
| Email address of the local technical contact for this Certificate Authority client. More... | |
| ContactName | |
| Name of the local technical contact for this Certificate Authority client. More... | |
| ContactPhone | |
| Phone number of the local technical contact for this Certificate Authority client. More... | |
| Name | |
| The default Certificate Authority client has the name "IRIS CA". More... | |
| Path | |
| Path used to access the PKI.CAServer Web service. More... | |
| Port | |
| TCP port used to access the PKI.CAServer Web service. More... | |
| Server | |
| DNS hostname used to access the PKI.CAServer Web service. More... | |
| TLSConfiguration | |
| More... | |
| UseTLS | |
| More... | |
Certificate Authority client.
Use with PKI.CAServer.
| _.Library.String BuildSubject | ( | _.Library.List | values | ) |
Build the "-subject" argument to the "openssl req" command.
or the "-dname" argument to the "keytool -genkeypair" command from a List
|
static |
Configure this Certificate Authority client.
Must be called before Certificate Signing Requests can be submitted. Creates the OpenSSL configuration file "openssl.cnf" if it does not exist. Parameter:
client - PKI.CAClient object, with all required properties set
st - On return, contains a status code
Return value:
String describing successful configuration, or error
| _.Library.String GetCertificate | ( | _.Library.String | number, |
| _.Library.Status | st | ||
| ) |
Get an X.509 Certificate issued by the Certificate Authority server.
This method retrieves a PKI.Certificate object and saves the contents in a Certificate (.cer) file.
Parameter:
number - serial number of the X.509 Certificate requested, or 0 to request the Certificate Authority server's X.509 Certificate
st - On return, contains a status code
Return value:
String describing saved Certificate file, or error
| _.XML.DataSet ListCertificates | ( | _.Library.String | hostname, |
| _.Library.String | instance, | ||
| _.Library.Status | st | ||
| ) |
Get a list of X.509 Certificates issued by the Certificate Authority server.
Parameters:
hostname - Hostname from which signing requests for certificates was received
instance - InterSystems IRIS instance from which signing requests for certificates were received
Note: If both hostname and instance are not specified, all issued certificates are listed. st - On return, contains a status code
Return value:
An XML.DataSet object
| _.Library.String SubmitCSR | ( | _.Library.String | filename, |
| _.Library.List | attrList, | ||
| _.Library.String | password, | ||
| _.Library.Status | st | ||
| ) |
Generate and submit a Certificate Signing Request to the Certificate Authority server.
This method creates Certificate Signing Request (.csr) and Private Key (.key) files, creates a PKI.CSR object, and submits that object to the Certificate Authority server.
Parameters:
filename - Name to use for created Certificate Signing Request (.csr) and Private Key (.key) files
attrList - List containing attribute values to be used in constructing this Certificate Signing Request's Subject Distinguished Name
password - Password used to protect Private Key file (optional)
st - On return, contains a status code or SOAP fault
Return value:
String describing successful submission, or error
| AttributePrompt |
Prompts to use when building a List for constructing a Subject Distinguished Name.
| AttributeType |
Attribute type keywords to use when building the "-subject" argument to the "openssl req" command.
| ContactEmail |
Email address of the local technical contact for this Certificate Authority client.
Email notification will be sent to this address when an X.509 Certificate is issued for a Certificate Signing Request from this Certificate Authority client.
| ContactName |
Name of the local technical contact for this Certificate Authority client.
This is the person who will be contacted by the Certificate Authority server's administrator to verify the validity of Certificate Signing Requests from this client.
| ContactPhone |
Phone number of the local technical contact for this Certificate Authority client.
| Name |
The default Certificate Authority client has the name "IRIS CA".
There is at most one per InterSystems IRIS instance.
| Path |
Path used to access the PKI.CAServer Web service.
| Port |
TCP port used to access the PKI.CAServer Web service.
| Server |
DNS hostname used to access the PKI.CAServer Web service.
| TLSConfiguration |
| UseTLS |
1.9.1