AppendSignedClientCertificate (Stringlist function): Difference between revisions
m (→Syntax terms) |
m (→See also: add method to list) |
||
(31 intermediate revisions by 7 users not shown) | |||
Line 1: | Line 1: | ||
{{Template:Stringlist:AppendSignedClientCertificate subtitle}} | {{Template:Stringlist:AppendSignedClientCertificate subtitle}} | ||
This [[Notation conventions for methods#Callable functions|callable]] method signs an X.509 client certificate request and adds the lines of the signed certificate to the end of a <var>Stringlist</var>. It requires a valid private key, certificate request, and signer. | |||
This [[Notation conventions for methods#Callable functions|callable]] method signs an X.509 client certificate request and adds the lines of the signed certificate to the end of a <var>Stringlist</var>. | |||
==Syntax== | ==Syntax== | ||
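Review bot: The sentence added to the introduction says the method requires a signer, but the Signer row in this same revision says that when Signer is not specified the Request value is used and the certificate is self-signed. Suggest rewording the introduction so the two agree, for example "It requires a valid private key and certificate request; if no signer is given, the certificate is self-signed."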
Line 7: | Line 6: | ||
===Syntax terms=== | ===Syntax terms=== | ||
<table | <table> | ||
<tr><th>%rc</th> | <tr><th>%rc</th> | ||
<td>An, optional, numeric variable that is set to zero if the function is a success. The possible return codes are described elsewhere in [[AppendSignedCertificate (Stringlist function)#Return codes| | <td>An, optional, numeric variable that is set to zero if the function is a success. The possible return codes are described elsewhere in [[AppendSignedCertificate (Stringlist function)#Return codes|Return codes]]. </td></tr> | ||
<tr><th>sl</th> | <tr><th>sl</th> | ||
<td>A <var>Stringlist</var> object.</td></tr> | <td>A <var>Stringlist</var> object.</td></tr> | ||
<tr><th><var>PrivateKey</var></th> | <tr><th><var>PrivateKey</var></th> | ||
<td>This [[Notation conventions for methods#Named parameters|name allowed]] argument is a <var>Stringlist</var> that contains the private key to be used for signing.</td></tr> | <td>This [[Notation conventions for methods#Named parameters|name allowed]] argument is a string or <var>Stringlist</var> that contains the private key to be used for signing. The key length may be a maximum of 4096 bits (as of version 7.7 of Model 204). The pre-7.7 maximum is 2048.</td></tr> | ||
<tr><th><var>Request</var></th> | <tr><th><var>Request</var></th> | ||
<td>This name allowed argument is a <var>Stringlist</var> that contains the | <td>This name allowed argument is a string or <var>Stringlist</var> that contains the base64 encoded X.509 client certificate request.</td></tr> | ||
<tr><th><var>Signer</var></th> | <tr><th><var>Signer</var></th> | ||
<td>This name allowed argument is a <var>Stringlist</var> that contains | <td>This name allowed argument is a string or <var>Stringlist</var> that contains a base64 encoded CA (certifying authority) X.509 certificate. If not specified, the <var>Request</var> value is used: that is, the certificate will be self-signed. </td></tr> | ||
<tr><th><var>StartDate</var></th> | <tr><th><var>StartDate</var></th> | ||
<td>This optional, name allowed, argument is a string that contains the Start date for the signed certificate (in YYMMDDHHMISS format). The default is today's date.</td></tr> | <td>This optional, name allowed, argument is a string that contains the Start date for the signed certificate (in YYMMDDHHMISS format). The default is today's date.</td></tr> | ||
<tr><th><var>EndDate</var></th> | <tr><th><var>EndDate</var></th> | ||
<td>This optional, name allowed, argument is a string that contains the End date for the signed certificate (in YYMMDDHHMISS format). The default is 24 hours from <var>StartDate</var>.</td></tr> | <td>This optional, name allowed, argument is a string that contains the End date for the signed certificate (in YYMMDDHHMISS format). The default is 24 hours from <var>StartDate</var>. <code>YY</code> may not be less then the current 2-digit year.</td></tr> | ||
<tr><th><var>SerialNumber</var></th> | <tr><th><var>SerialNumber</var></th> | ||
<td>This optional, name allowed, argument is a numeric value that is the Serial number for the signed certificate. The default is a number guaranteed to increase by 1 for every call and guaranteed to increase from run to run, unless there is an extreme amount | <td>This optional, name allowed, argument is a numeric value that is the Serial number for the signed certificate. The default is a number guaranteed to increase by 1 for every call and guaranteed to increase from run to run, unless there is an extreme amount of signing occurrences. </td></tr> | ||
of signing occurrences. </td></tr> | |||
<tr><th><var>SignatureAlgorithm</var></th> | |||
<td>This optional, [[Notation conventions for methods#Named parameters|name required]], argument is a <var>[[DigestAlgorithm enumeration|DigestAlgorithm]]</var> enumeration value. Valid values are: <var>MD5</var>, <var>SHA1</var>, <var>SHA256</var>, <var>SHA384</var> (Model 204 7.7 and later), and <var>SHA512</var> (Model 204 7.7 and later). The default value is <var>SHA256</var> as of Model 204 7.7 (and zap maintenance for versions 7.6 and 7.5). | |||
<p class="note"><b>Note:</b> Although supported and formerly the default, most modern browsers are deprecating <var>SHA1</var>.</p></td></tr> | |||
</table> | </table> | ||
== | ==Usage notes== | ||
For some background information concerning certificates, see [https://en.wikipedia.org/wiki/Public-key_cryptography Public-key cryptography] and [https://en.wikipedia.org/wiki/Certificate_signing_request Certificate signing request]. | |||
==Example== | |||
==See also== | ==See also== | ||
<p> | |||
<var>Stringlist</var> methods: </p> | |||
{{Template:Stringlist crypto methods}} | |||
<p> | |||
<var>String</var> methods:</p> | |||
<ul> | |||
<li><var>[[CertificateRequest (String function)|CertificateRequest]]</var> </li> | |||
<li><var>[[SignedCertificate (String function)|SignedCertificate]]</var> </li> | |||
<li><var>[[SignedClientCertificate (String function)|SignedClientCertificate]]</var> </li> | |||
<li><var>[[DerToXmlDoc (String function)|DerToXmlDoc]]</var> </li> | |||
<li><var>[[RSAPrivateKeyToXmlDoc (String function)|RSAPrivateKeyToXmlDoc]]</var></li> | |||
<li><var>[[X509CertificateToXmlDoc (String function)|X509CertificateToXmlDoc]]</var> </li> | |||
<li><var>[[X509CrlToXmlDoc (String function)|X509CrlToXmlDoc]]</var> </li> | |||
<li>Multiple cryptographic cipher methods </li> | |||
</ul> | |||
<p> | |||
<var>System</var> methods: </p> | |||
<ul> | <ul> | ||
<li><var>[[ | <li><var>[[ClientCertificate (System function)|ClientCertificate]]</var> </li><li><var>[[GeneratedPrivateKey (System function)|GeneratedPrivateKey]]</var> </li> | ||
<li><var>[[ | |||
</ul> | </ul> | ||
<p> | |||
<var>Socket</var> methods: </p> | |||
<ul> | |||
<li><var>[[Certificate (Socket function)|Certificate]]</var> </li> | |||
</ul> | |||
{{Template:Stringlist:AppendSignedClientCertificate footer}} | {{Template:Stringlist:AppendSignedClientCertificate footer}} |
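Review bot: The new SignatureAlgorithm row lists MD5 as a valid value, yet its note cautions only about SHA1; MD5 is the weaker of the two as a signature digest, so the note should cover both and point readers to SHA256 or stronger. Also in this hunk: the EndDate row reads "less then" where "less than" is meant, and the added ==Example== heading has nothing under it.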
Latest revision as of 15:15, 6 September 2018
Add base64 encoded signed client certificate to a Stringlist (Stringlist class)
[Requires Janus Network Security]
This callable method signs an X.509 client certificate request and adds the lines of the signed certificate to the end of a Stringlist. It requires a valid private key, certificate request, and signer.
Syntax
    [%rc =] sl:AppendSignedClientCertificate( [PrivateKey=] string, -
                                              [Request=] string, -
                                              [Signer=] string, -
                                              [[StartDate=] string], -
                                              [[EndDate=] string], -
                                              [[SerialNumber=] number], -
                                              [SignatureAlgorithm= digestAlgorithm])
Syntax terms
Term | Description |
---|---|
%rc | An optional numeric variable that is set to zero if the function succeeds. The possible return codes are described elsewhere in Return codes. |
sl | A Stringlist object. |
PrivateKey | This name allowed argument is a string or Stringlist that contains the private key to be used for signing. The key length may be a maximum of 4096 bits (as of version 7.7 of Model 204). The pre-7.7 maximum is 2048. |
Request | This name allowed argument is a string or Stringlist that contains the base64 encoded X.509 client certificate request. |
Signer | This name allowed argument is a string or Stringlist that contains a base64 encoded CA (certifying authority) X.509 certificate. If not specified, the Request value is used: that is, the certificate will be self-signed. |
StartDate | This optional, name allowed argument is a string that contains the start date for the signed certificate (in YYMMDDHHMISS format). The default is today's date. |
EndDate | This optional, name allowed argument is a string that contains the end date for the signed certificate (in YYMMDDHHMISS format). The default is 24 hours from StartDate. YY may not be less than the current 2-digit year. |
SerialNumber | This optional, name allowed argument is a numeric value that is the serial number for the signed certificate. The default is a number guaranteed to increase by 1 for every call and guaranteed to increase from run to run, unless there is an extreme number of signing occurrences. |
SignatureAlgorithm | This optional, name required argument is a DigestAlgorithm enumeration value. Valid values are: MD5, SHA1, SHA256, SHA384 (Model 204 7.7 and later), and SHA512 (Model 204 7.7 and later). The default value is SHA256 as of Model 204 7.7 (and zap maintenance for versions 7.6 and 7.5). Note: Although SHA1 is supported and was formerly the default, most modern browsers are deprecating it. |
Usage notes
For some background information concerning certificates, see Public-key cryptography and Certificate signing request.
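
A pre-flight check for the constraints listed in the syntax terms (key-length limit, digest availability by version, YYMMDDHHMISS dates and the 24-hour default), written in Python as an added example; it is not Model 204 or SOUL code and does not call the method. The names `preflight` and `parse_date`, the reading of YY as 20YY, the use of the current time for "today", and the end-after-start check are assumptions of this example.

```python
from datetime import datetime, timedelta

WEAK = {"MD5", "SHA1"}            # collision-prone; avoid for new signatures
NEEDS_77 = {"SHA384", "SHA512"}   # Model 204 7.7 and later, per this page
VALID = WEAK | NEEDS_77 | {"SHA256"}

def parse_date(value):
    """Parse YYMMDDHHMISS. Assumption: YY is read as 20YY."""
    if len(value) != 12 or not value.isdigit():
        raise ValueError(f"not YYMMDDHHMISS: {value!r}")
    yy, mo, dd, hh, mi, ss = (int(value[i:i + 2]) for i in range(0, 12, 2))
    return datetime(2000 + yy, mo, dd, hh, mi, ss)  # ValueError on bad fields

def preflight(key_bits, version, start=None, end=None, algorithm=None, now=None):
    """Lint planned arguments; returns (findings, start_dt, end_dt)."""
    now = now or datetime.now()
    v77 = version >= (7, 7)
    findings = []
    max_bits = 4096 if v77 else 2048
    if key_bits > max_bits:
        findings.append(f"ERROR: {key_bits}-bit key exceeds the {max_bits}-bit maximum")
    if algorithm is None:
        if not v77:  # SHA256 default needs 7.7 or zap maintenance; SHA1 was the old default
            findings.append("WARN: default digest may be SHA1; pass SignatureAlgorithm")
    elif algorithm.upper() not in VALID:
        findings.append(f"ERROR: {algorithm} is not a listed DigestAlgorithm value")
    elif algorithm.upper() in NEEDS_77 and not v77:
        findings.append(f"ERROR: {algorithm} requires Model 204 7.7 or later")
    elif algorithm.upper() in WEAK:
        findings.append(f"WARN: {algorithm} is a weak signature digest; use SHA256+")
    start_dt = parse_date(start) if start else now     # assumption: "today" = now
    end_dt = parse_date(end) if end else start_dt + timedelta(hours=24)
    if end and int(end[:2]) < now.year % 100:
        findings.append("ERROR: EndDate YY is less than the current 2-digit year")
    if end_dt <= start_dt:  # sanity check added here, not stated on the page
        findings.append("ERROR: EndDate is not after StartDate")
    return findings, start_dt, end_dt

if __name__ == "__main__":
    # Constructed sample call plan, not taken from a real system.
    for line in preflight(4096, (7, 6), end="170101000000", algorithm="SHA512")[0]:
        print(line)
```
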
Example
See also
Stringlist methods:
- AppendCertificateInfo
- AppendCertificateRequest
- AppendCertificateRequestInfo
- AppendClientCertificateRequest
- AppendEncryptedSecurityData
- AppendGeneratedPrivateKey
- AppendPemData
- AppendPrivateKeyInfo
- AppendSignedCertificate
- AppendSignedClientCertificate
- CheckCertificate
- CheckCertificateRequest
- PemToString
String methods:
- CertificateRequest
- SignedCertificate
- SignedClientCertificate
- DerToXmlDoc
- RSAPrivateKeyToXmlDoc
- X509CertificateToXmlDoc
- X509CrlToXmlDoc
- Multiple cryptographic cipher methods
System methods:
- ClientCertificate
- GeneratedPrivateKey
Socket methods:
- Certificate