AppendCertificateRequest (Stringlist function): Difference between revisions
m (→See also: add method to list) |
|||
(19 intermediate revisions by 4 users not shown) | |||
Line 1: | Line 1: | ||
{{Template:Stringlist:AppendCertificateRequest subtitle}} | {{Template:Stringlist:AppendCertificateRequest subtitle}} | ||
This [[Notation conventions for methods#Callable functions|callable]] method generates an SSL certificate request from a given private key, and it adds the certificate request lines to the end of a <var>Stringlist</var>. | |||
This [[Notation conventions for methods#Callable functions|callable]] method generates an SSL | |||
==Syntax== | ==Syntax== | ||
Line 7: | Line 6: | ||
===Syntax terms=== | ===Syntax terms=== | ||
<table | <table> | ||
<tr><th>%rc</th> | <tr><th>%rc</th> | ||
<td>An, optional, numeric variable that is set to zero if the function is a success. The possible return codes are described below in [[#Return codes| | <td>An, optional, numeric variable that is set to zero if the function is a success. The possible return codes are described below in [[#Return codes|Return codes]]. </td></tr> | ||
<tr><th>sl</th> | <tr><th>sl</th> | ||
Line 15: | Line 14: | ||
<tr><th><var>PrivateKey</var></th> | <tr><th><var>PrivateKey</var></th> | ||
<td>This [[Notation conventions for methods#Named parameters|name allowed]] parameter is a <var>Stringlist</var> | <td>This [[Notation conventions for methods#Named parameters|name allowed]] parameter is a string or <var>Stringlist</var> that contains an RSA-generated private key. This key must be greater than or equal to 512 and less than or equal to 4096 (as of version 7.7 of Model 204). The pre-7.7 maximum is 2048 bits. </td></tr> | ||
<tr><th><var>Country</var></th> | <tr><th><var>Country</var></th> | ||
Line 34: | Line 33: | ||
<tr><th><var>CommonName</var></th> | <tr><th><var>CommonName</var></th> | ||
<td>This name allowed, optional, string argument inserts a common-name (CN) value into the generated certificate request.</td></tr> | <td>This name allowed, optional, string argument inserts a common-name (CN) value into the generated certificate request.</td></tr> | ||
<tr><th><var>SignatureAlgorithm</var></th> | |||
<td>This optional, [[Notation conventions for methods#Named parameters|name required]], argument is a <var>[[DigestAlgorithm enumeration|DigestAlgorithm]]</var> enumeration value. Valid values are: <var>MD5</var>, <var>SHA1</var>, <var>SHA256</var>, <var>SHA384</var> (Model 204 7.7 and later), and <var>SHA512</var> (Model 204 7.7 and later). | |||
<p class="note"><b>Note:</b> Although supported and currently the default, most modern browsers are deprecating <var>SHA1</var>.</p></td></tr> | |||
</table> | </table> | ||
===Return codes=== | ===Return codes=== | ||
<table> | <table class="thJustBold"> | ||
<tr><th>0</th><td>All is well.</td></tr> | <tr><th>0</th> | ||
<td>All is well.</td></tr> | |||
<tr><th> | |||
<tr><th>7</th> | |||
<td>Insufficient storage.</td></tr> | |||
<tr><th>10</th><td>Private key <var>Stringlist</var> identifier missing.</td></tr> | |||
<tr><th>11</th><td>Invalid private key <var>Stringlist</var> identifier.</td></tr> | <tr><th>10</th> | ||
<tr><th>12</th><td>Invalid private key.</td></tr> | <td>Private key <var>Stringlist</var> identifier missing.</td></tr> | ||
<tr><th>13</th><td>Challenge data mismatch.</td></tr> | |||
<tr><th>14</th><td>Bad private key/challenge signature.</td></tr> | <tr><th>11</th> | ||
<td>Invalid private key <var>Stringlist</var> identifier.</td></tr> | |||
<tr><th>12</th> | |||
<td>Invalid private key.</td></tr> | |||
<tr><th>13</th> | |||
<td>Challenge data mismatch.</td></tr> | |||
<tr><th>14</th> | |||
<td>Bad private key/challenge signature.</td></tr> | |||
</table> | </table> | ||
Line 133: | Line 146: | ||
==See also== | ==See also== | ||
<p> | |||
<var>Stringlist</var> methods: </p> | |||
{{Template:Stringlist crypto methods}} | |||
<p> | |||
<var>String</var> methods:</p> | |||
<ul> | |||
<li><var>[[CertificateRequest (String function)|CertificateRequest]]</var> </li> | |||
<li><var>[[SignedCertificate (String function)|SignedCertificate]]</var> </li> | |||
<li><var>[[SignedClientCertificate (String function)|SignedClientCertificate]]</var> </li> | |||
<li><var>[[DerToXmlDoc (String function)|DerToXmlDoc]]</var> </li> | |||
<li><var>[[RSAPrivateKeyToXmlDoc (String function)|RSAPrivateKeyToXmlDoc]]</var></li> | |||
<li><var>[[X509CertificateToXmlDoc (String function)|X509CertificateToXmlDoc]]</var> </li> | |||
<li><var>[[X509CrlToXmlDoc (String function)|X509CrlToXmlDoc]]</var> </li> | |||
<li>Multiple cryptographic cipher methods </li> | |||
</ul> | |||
<p> | |||
<var>System</var> methods: </p> | |||
<ul> | <ul> | ||
<li><var>[[ | <li><var>[[ClientCertificate (System function)|ClientCertificate]]</var> </li><li><var>[[GeneratedPrivateKey (System function)|GeneratedPrivateKey]]</var> </li> | ||
<li><var>[[ | |||
</ul> | </ul> | ||
<p> | |||
<var>Socket</var> methods: </p> | |||
<ul> | |||
<li><var>[[Certificate (Socket function)|Certificate]]</var> </li> | |||
</ul> | |||
{{Template:Stringlist:AppendCertificateRequest footer}} | {{Template:Stringlist:AppendCertificateRequest footer}} |
Latest revision as of 15:11, 6 September 2018
Add certificate request to a Stringlist (Stringlist class)
[Requires Janus Network Security]
This callable method generates an SSL certificate request from a given private key, and it adds the certificate request lines to the end of a Stringlist.
Syntax
[%rc =] sl:AppendCertificateRequest( [PrivateKey=] string, - [[Country=] string], [[State=] string], - [[City=] string], - [[Organization=] string], - [[OrganizationalUnit=] string], - [[CommonName=] string], - [SignatureAlgorithm= digestAlgorithm])
Syntax terms
%rc | An, optional, numeric variable that is set to zero if the function is a success. The possible return codes are described below in Return codes. |
---|---|
sl | A Stringlist object to contain the generated request. |
PrivateKey | This name allowed parameter is a string or Stringlist that contains an RSA-generated private key. This key must be greater than or equal to 512 and less than or equal to 4096 (as of version 7.7 of Model 204). The pre-7.7 maximum is 2048 bits. |
Country | This name allowed, optional, string argument inserts a country value into the generated certificate request. |
State | This name allowed, optional, string argument inserts a state/province value into the generated certificate request. |
City | This name allowed, optional, string argument inserts a locality value into the generated certificate request. |
Organization | This name allowed, optional, string argument inserts an organization value into the generated certificate request. |
OrganizationalUnit | This name allowed, optional, string argument inserts an organization unit (OU) value into the generated certificate request. |
CommonName | This name allowed, optional, string argument inserts a common-name (CN) value into the generated certificate request. |
SignatureAlgorithm | This optional, name required, argument is a DigestAlgorithm enumeration value. Valid values are: MD5, SHA1, SHA256, SHA384 (Model 204 7.7 and later), and SHA512 (Model 204 7.7 and later).
Note: Although supported and currently the default, most modern browsers are deprecating SHA1. |
Return codes
0 | All is well. |
---|---|
7 | Insufficient storage. |
10 | Private key Stringlist identifier missing. |
11 | Invalid private key Stringlist identifier. |
12 | Invalid private key. |
13 | Challenge data mismatch. |
14 | Bad private key/challenge signature. |
Examples
In the following example, the certificate request that is generated from a private key by AppendCertificateRequest is displayed in base64, then checked by CheckCertificateRequest, then converted to string by PemToString and loaded to an XmlDoc by DerToXmlDoc:
b %sl is object stringlist %pk is object stringlist %rc is float %ls is longstring %sl = new text to %pk raw -----BEGIN RSA PRIVATE KEY----- MIICWgIBAAKBgQC1HvRz+5Jcv+jalOL1hmdm/wFEtk/3kSsdhZHWO5BklzecIQR2 40wBkUgBusYubiTZBFmfb6Woqiagmn8UBiG8fdrQ5+ac1+nhyy4Reuqv3dWLxDVT LGWosw0VEZaO0bZmlTat3bemp8GZId12WKOwr/jMlIaiGIYE2I/8RR4ILwIBAwKB gB4v02ip7bof/CRuJdOWZpEqgDYeYqlC3ITrmE5fQrtuiUSwK2kl4gBC4VWfIQe9 BiQrZEU9RkbHBnAZv9irsEnMX1ZgYdntsW5xHe7K1wowBRUrQgAD5SPYRc5b0JEX PTPL+aJzNaSQNQ/KW3O+QZVN5p3Co2TqjwDzcutQsSkfAkEA+pYxMH2wTCcmabe3 p76qjE2SERSf7nk2yTqw29w1hSYqsj7By51vLWFH/35rMBiqAC5yTgmQjlJIIXw6 kz4ASwJBALkImXUd0PmaJLrCwRIhyDFpeq+UsyaNmtgvjg7W8sEhBRseHV7YXBkh 8mQ6VLMBhtxip7aotArZtwJiPc25ES0CQQCnDst1qSAyxMRGenpv1HGy3mFguGqe +3nbfHXn6COuGXHMKdaHvkoeQNqqVEd1ZcaqyaGJW7W0NtrA/XxiKVWHAkB7WxD4 votREW3R1ytha9rLm6cfuHdvCRHldQlfOfcra1i8vr4/OugQwUxC0Y3Mq689lxp5 xc1ckSSsQX6JJgtzAkAPAzNsxdsNaAES3L5yqkbux8W2Y2YdjjxZMl1sdPqn9rXN A8fe68sT76U9rhuJemue1h9jxgq6fscFqZkbNRll -----END RSA PRIVATE KEY----- end text %rc = %sl:appendCertificaterequest(%pk, country='USA') print 'return code is ' %rc %sl:print %rc = %sl:CheckCertificateRequest(PrivateKey=%pk) print 'checkcert return code is ' %rc %ls = %sl:pemtostring('NEW CERTIFICATE REQUEST') %ls:derToXmlDoc:print end
The result is something like:
return code is 0 -----BEGIN NEW CERTIFICATE REQUEST----- MIIBPTCBpwIBADAAMIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQC1HvRz+5Jc v+jalOL1hmdm/wFEtk/3kSsdhZHWO5BklzecIQR240wBkUgBusYubiTZBFmfb6Wo qiagmn8UBiG8fdrQ5+ac1+nhyy4Reuqv3dWLxDVTLGWosw0VEZaO0bZmlTat3bem p8GZId12WKOwr/jMlIaiGIYE2I/8RR4ILwIBA6AAMA0GCSqGSIb3DQEBBAUAA4GB ADWssWlvaA55XIg0VezigMSpIumTtRUUGHSA3H3l8f7bo3FLPyWg1dr2MSwJKW09 OmEAPGfQgmxN+LTEkzkjHGkevU0Mlj5MvtnF3ltdVbbJHSY+KW+DrdeRjU/5AiMj e/43fYThb2ea4JySezVY7AUSls5+4C1yx0V3X1s677lI -----END NEW CERTIFICATE REQUEST----- checkcert return code is 0 <Sequence> <Sequence> <Integer>0</Integer> <Sequence/> <Set> <Sequence> <ObjectIdentifier>2.5.4.6</ObjectIdentifier> <PrintableString>USA</PrintableString> </Sequence> </Set> <Sequence> <Sequence> <ObjectIdentifier>1.2.840.113549.1.1.1</ObjectIdentifier> <Null/> </Sequence> <BitString bits="1104"> 30818702818100B51EF473 ... 62E6E24D904599F6- FA5A8AA26A09A7F1 ... A3B0AFF8CC9486A2- 188604D88FFC451E082F020103 </BitString> </Sequence> <ContextSpecific tag="0"/> </Sequence> <Sequence> <ObjectIdentifier>1.2.840.113549.1.1.4</ObjectIdentifier> <Null/> </Sequence> <BitString bits="1024"> 35ACB1696F680E79 ... C4DF8B4C49339231- C691EBD4D0C963E4 ... 45775F5B3AEFB948 </BitString> </Sequence>
See also
Stringlist methods:
- AppendCertificateInfo
- AppendCertificateRequest
- AppendCertificateRequestInfo
- AppendClientCertificateRequest
- AppendEncryptedSecurityData
- AppendGeneratedPrivateKey
- AppendPemData
- AppendPrivateKeyInfo
- AppendSignedCertificate
- AppendSignedClientCertificate
- CheckCertificate
- CheckCertificateRequest
- PemToString
String methods:
- CertificateRequest
- SignedCertificate
- SignedClientCertificate
- DerToXmlDoc
- RSAPrivateKeyToXmlDoc
- X509CertificateToXmlDoc
- X509CrlToXmlDoc
- Multiple cryptographic cipher methods
System methods:
Socket methods: