CertificateRequest (String function): Difference between revisions
| m add identifiers | m →See also:  add method to list | ||
| (13 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
| {{Template:String:CertificateRequest subtitle}} | {{Template:String:CertificateRequest subtitle}} | ||
| This  | This method generates a string that contains an SSL certificate request from an object string that contains a private key.   | ||
| ==Syntax== | ==Syntax== | ||
| Line 8: | Line 8: | ||
| <table> | <table> | ||
| <tr><th>%certRequest</th> | <tr><th>%certRequest</th> | ||
| <td> | <td>A <var>String</var> or <var>Longstring</var> to contain the generated signed certificate request.</td></tr> | ||
| <tr><th>string</th> | <tr><th>string</th> | ||
| <td>A <var>Longstring</var> that contains an RSA-generated private key. This value must be less than or equal to 2048 bits.</td></tr> | <td>A <var>String</var> or <var>Longstring</var> that contains an RSA-generated private key. This value must be less than or equal to 4096 (as of version 7.7 of Model 204). The pre-7.7 maximum is 2048 bits.</td></tr> | ||
| <tr><th><var>Country</var></th> | <tr><th><var>Country</var></th> | ||
| <td>This optional, [[Notation conventions for methods#Named parameters|name required]], string argument inserts a country value into the generated certificate request. | <td>This optional, [[Notation conventions for methods#Named parameters|name required]], string argument inserts a country value into the generated certificate request. | ||
| <p> | <p></p></td></tr> | ||
| <tr><th><var>State</var></th> | <tr><th><var>State</var></th> | ||
| <td>This optional, name required, string argument inserts a state/province value into the generated certificate request.   | <td>This optional, name required, string argument inserts a state/province value into the generated certificate request.   | ||
| <p> | <p></p></td></tr> | ||
| <tr><th><var>City</var></th> | <tr><th><var>City</var></th> | ||
| <td>This optional, name required, string argument inserts a locality value into the generated certificate request. | <td>This optional, name required, string argument inserts a locality value into the generated certificate request. | ||
| <p> | <p></p></td></tr> | ||
| <tr><th><var>Organization</var></th> | <tr><th><var>Organization</var></th> | ||
| <td>This optional, name required, string argument inserts an organization value into the generated certificate request.   | <td>This optional, name required, string argument inserts an organization value into the generated certificate request.   | ||
| <p> | <p></p></td></tr> | ||
| <tr><th><var>OrganizationalUnit</var></th> | <tr><th><var>OrganizationalUnit</var></th> | ||
| <td>This optional, name required, string argument inserts an organization unit (OU) value into the generated certificate request.   | <td>This optional, name required, string argument inserts an organization unit (OU) value into the generated certificate request.   | ||
| <p> | <p></p></td></tr> | ||
| <tr><th><var>CommonName</var></th> | <tr><th><var>CommonName</var></th> | ||
| <td>This optional, name required, string argument inserts a common-name (CN) value into the generated certificate request. | <td>This optional, name required, string argument inserts a common-name (CN) value into the generated certificate request. | ||
| <p> | <p></p></td></tr> | ||
| <tr><th><var>SignatureAlgorithm</var></th> | <tr><th><var>SignatureAlgorithm</var></th> | ||
| <td>This optional, name required, argument is a <var>[[DigestAlgorithm enumeration|DigestAlgorithm]]</var> enumeration value.  | <td>This optional, name required, argument is a <var>[[DigestAlgorithm enumeration|DigestAlgorithm]]</var> enumeration value. Valid values are: <var>MD5</var>, <var>SHA1</var>, <var>SHA256</var>, <var>SHA384</var> (Model 204 7.7 and later), and <var>SHA512</var> (Model 204 7.7 and later). | ||
| <p class="note"><b>Note:</b> Although supported and currently the default, most modern browsers are deprecating <var>SHA1</var>.</p></td></tr> | <p class="note"><b>Note:</b> Although supported and currently the default, most modern browsers are deprecating <var>SHA1</var>.</p></td></tr> | ||
| </table> | </table> | ||
| ==Usage notes== | ==Usage notes== | ||
| For some background information concerning certificates, see [https://en.wikipedia.org/wiki/Public-key_cryptography Public-key cryptography] and [https://en.wikipedia.org/wiki/Certificate_signing_request Certificate signing request]. | |||
| ==Example== | |||
| The following request prints a certificate request created from an input private key that is produced by the <var>System</var> method <var>[[GeneratedPrivateKey (System_function)|GeneratedPrivateKey]]</var>: | |||
| <p class="code">b | |||
| %ls is longstring  | |||
| %cr is longstring  | |||
| %ls = %(System):GeneratedPrivateKey(Length=512)                        | |||
| %cr = %ls:CertificateRequest(Country='USA',state='MA', city='Waltham', Organization='Rocket') | |||
| == | %cr:derToXmlDoc:print  | ||
| end | |||
| </p> | |||
| The result is: | |||
| <p class="output"><Sequence> | |||
|    <Sequence>  | |||
|       <Integer>0</Integer>  | |||
|       <Sequence>  | |||
|          <Set> | |||
|             <Sequence>  | |||
|                <ObjectIdentifier>2.5.4.6</ObjectIdentifier>  | |||
|                <PrintableString>USA</PrintableString>  | |||
|             </Sequence>  | |||
|          </Set>  | |||
|          <Set>  | |||
|             <Sequence>   | |||
|                <ObjectIdentifier>2.5.4.8</ObjectIdentifier> | |||
|                <PrintableString>MA</PrintableString>  | |||
|             </Sequence>   | |||
|          </Set>  | |||
|          <Set> | |||
|             <Sequence> | |||
|                <ObjectIdentifier>2.5.4.7</ObjectIdentifier> | |||
|                <PrintableString>Waltham</PrintableString>    | |||
|             </Sequence> | |||
|          </Set> | |||
|          <Set> | |||
|             <Sequence>  | |||
|                <ObjectIdentifier>2.5.4.10</ObjectIdentifier> | |||
|                <PrintableString>Rocket</PrintableString>  | |||
|             </Sequence>   | |||
|          </Set>        | |||
|       </Sequence>  | |||
|       <Sequence>  | |||
|          <Sequence>  | |||
|             <ObjectIdentifier>1.2.840.113549.1.1.1</ObjectIdentifier> | |||
|             <Null/>    | |||
|          </Sequence>           | |||
|          <BitString bits="576"> | |||
| 3046024100A0277685A6EA06E94CF8B ... 0C9E9B07B24FF3D1BB5BBA6F30A9FCF0F- | |||
| 8F3D80AB2A09EFD020103 | |||
|          </BitString> | |||
|       </Sequence> | |||
|       <ContextSpecific tag="0"/> | |||
|    </Sequence> | |||
|    <Sequence> | |||
|       <ObjectIdentifier>1.2.840.113549.1.1.5</ObjectIdentifier> | |||
|       <Null/> | |||
|    </Sequence> | |||
|    <BitString bits="512"> | |||
| 0B8774C79100F621F6E794BDEBD47BE ... 4C410892A5573F24D25AC32374A571F633 | |||
|    </BitString> | |||
| </Sequence> | |||
| </p> | |||
| ==See also== | ==See also== | ||
| Line 52: | Line 114: | ||
| <ul> | <ul> | ||
| <li><var>[[CertificateRequest (String function)|CertificateRequest]]</var> </li> | <li><var>[[CertificateRequest (String function)|CertificateRequest]]</var> </li> | ||
| <li><var>[[ClientCertificateRequest (String function)|ClientCertificateRequest]]</var> </li> | |||
| <li><var>[[SignedCertificate (String function)|SignedCertificate]]</var> </li> | <li><var>[[SignedCertificate (String function)|SignedCertificate]]</var> </li> | ||
| <li><var>[[SignedClientCertificate (String function)|SignedClientCertificate]]</var> </li> | |||
| <li><var>[[DerToXmlDoc (String function)|DerToXmlDoc]]</var> </li> | <li><var>[[DerToXmlDoc (String function)|DerToXmlDoc]]</var> </li> | ||
| Line 71: | Line 137: | ||
| <var>System</var> methods: </p> | <var>System</var> methods: </p> | ||
| <ul> | <ul> | ||
| <li><var>[[ClientCertificate (System function)|ClientCertificate]]</var> | <li><var>[[ClientCertificate (System function)|ClientCertificate]]</var> </li> | ||
| <li><var>[[GeneratedPrivateKey (System function)|GeneratedPrivateKey]]</var> </li> | |||
| </ul> | </ul> | ||
| <p> | <p> | ||
Latest revision as of 15:05, 6 September 2018
Create a certificate request from a private key (String class)
[Requires Janus Network Security]
This method generates a string that contains an SSL certificate request from an object string that contains a private key.
Syntax
%certRequest = string:CertificateRequest[( [Country= string], - [State= string], [City= string], - [Organization= string], - [OrganizationalUnit= string], - [CommonName= string], - [SignatureAlgorithm= digestAlgorithm])] Throws PKCSError
Syntax terms
| %certRequest | A String or Longstring to contain the generated signed certificate request. | 
|---|---|
| string | A String or Longstring that contains an RSA-generated private key. This value must be less than or equal to 4096 (as of version 7.7 of Model 204). The pre-7.7 maximum is 2048 bits. | 
| Country | This optional, name required, string argument inserts a country value into the generated certificate request. | 
| State | This optional, name required, string argument inserts a state/province value into the generated certificate request. | 
| City | This optional, name required, string argument inserts a locality value into the generated certificate request. | 
| Organization | This optional, name required, string argument inserts an organization value into the generated certificate request. | 
| OrganizationalUnit | This optional, name required, string argument inserts an organization unit (OU) value into the generated certificate request. | 
| CommonName | This optional, name required, string argument inserts a common-name (CN) value into the generated certificate request. | 
| SignatureAlgorithm | This optional, name required, argument is a DigestAlgorithm enumeration value. Valid values are: MD5, SHA1, SHA256, SHA384 (Model 204 7.7 and later), and SHA512 (Model 204 7.7 and later). Note: Although supported and currently the default, most modern browsers are deprecating SHA1. | 
Usage notes
For some background information concerning certificates, see Public-key cryptography and Certificate signing request.
Example
The following request prints a certificate request created from an input private key that is produced by the System method GeneratedPrivateKey:
b %ls is longstring %cr is longstring %ls = %(System):GeneratedPrivateKey(Length=512) %cr = %ls:CertificateRequest(Country='USA',state='MA', city='Waltham', Organization='Rocket') %cr:derToXmlDoc:print end
The result is:
<Sequence> <Sequence> <Integer>0</Integer> <Sequence> <Set> <Sequence> <ObjectIdentifier>2.5.4.6</ObjectIdentifier> <PrintableString>USA</PrintableString> </Sequence> </Set> <Set> <Sequence> <ObjectIdentifier>2.5.4.8</ObjectIdentifier> <PrintableString>MA</PrintableString> </Sequence> </Set> <Set> <Sequence> <ObjectIdentifier>2.5.4.7</ObjectIdentifier> <PrintableString>Waltham</PrintableString> </Sequence> </Set> <Set> <Sequence> <ObjectIdentifier>2.5.4.10</ObjectIdentifier> <PrintableString>Rocket</PrintableString> </Sequence> </Set> </Sequence> <Sequence> <Sequence> <ObjectIdentifier>1.2.840.113549.1.1.1</ObjectIdentifier> <Null/> </Sequence> <BitString bits="576"> 3046024100A0277685A6EA06E94CF8B ... 0C9E9B07B24FF3D1BB5BBA6F30A9FCF0F- 8F3D80AB2A09EFD020103 </BitString> </Sequence> <ContextSpecific tag="0"/> </Sequence> <Sequence> <ObjectIdentifier>1.2.840.113549.1.1.5</ObjectIdentifier> <Null/> </Sequence> <BitString bits="512"> 0B8774C79100F621F6E794BDEBD47BE ... 4C410892A5573F24D25AC32374A571F633 </BitString> </Sequence>
See also
String methods:
- CertificateRequest
- ClientCertificateRequest
- SignedCertificate
- SignedClientCertificate
- DerToXmlDoc
- RSAPrivateKeyToXmlDoc
- X509CertificateToXmlDoc
- X509CrlToXmlDoc
- Multiple cryptographic cipher methods
Stringlist methods:
- AppendCertificateInfo
- AppendCertificateRequest
- AppendCertificateRequestInfo
- AppendClientCertificateRequest
- AppendEncryptedSecurityData
- AppendGeneratedPrivateKey
- AppendPemData
- AppendPrivateKeyInfo
- AppendSignedCertificate
- AppendSignedClientCertificate
- CheckCertificate
- CheckCertificateRequest
- PemToString
System methods:
Socket methods: