CertificateRequest (String function): Difference between revisions
m (misc formatting) |
m (→See also: add method to list) |
||
| (7 intermediate revisions by 2 users not shown) | |||
| Line 8: | Line 8: | ||
<table> | <table> | ||
<tr><th>%certRequest</th> | <tr><th>%certRequest</th> | ||
<td>A <var>String</var> or <var>Longstring</var> to contain the generated signed certificate.</td></tr> | <td>A <var>String</var> or <var>Longstring</var> to contain the generated signed certificate request.</td></tr> | ||
<tr><th>string</th> | <tr><th>string</th> | ||
<td>A <var>String</var> or <var>Longstring</var> that contains an RSA-generated private key. This value must be less than or equal to 2048 bits.</td></tr> | <td>A <var>String</var> or <var>Longstring</var> that contains an RSA-generated private key. This value must be less than or equal to 4096 (as of version 7.7 of Model 204). The pre-7.7 maximum is 2048 bits.</td></tr> | ||
<tr><th><var>Country</var></th> | <tr><th><var>Country</var></th> | ||
| Line 38: | Line 38: | ||
<tr><th><var>SignatureAlgorithm</var></th> | <tr><th><var>SignatureAlgorithm</var></th> | ||
<td>This optional, name required, argument is a <var>[[DigestAlgorithm enumeration|DigestAlgorithm]]</var> enumeration value. | <td>This optional, name required, argument is a <var>[[DigestAlgorithm enumeration|DigestAlgorithm]]</var> enumeration value. Valid values are: <var>MD5</var>, <var>SHA1</var>, <var>SHA256</var>, <var>SHA384</var> (Model 204 7.7 and later), and <var>SHA512</var> (Model 204 7.7 and later). | ||
<p class="note"><b>Note:</b> Although supported and currently the default, most modern browsers are deprecating <var>SHA1</var>.</p></td></tr> | <p class="note"><b>Note:</b> Although supported and currently the default, most modern browsers are deprecating <var>SHA1</var>.</p></td></tr> | ||
</table> | </table> | ||
| Line 114: | Line 114: | ||
<ul> | <ul> | ||
<li><var>[[CertificateRequest (String function)|CertificateRequest]]</var> </li> | <li><var>[[CertificateRequest (String function)|CertificateRequest]]</var> </li> | ||
<li><var>[[ClientCertificateRequest (String function)|ClientCertificateRequest]]</var> </li> | |||
<li><var>[[SignedCertificate (String function)|SignedCertificate]]</var> </li> | <li><var>[[SignedCertificate (String function)|SignedCertificate]]</var> </li> | ||
<li><var>[[SignedClientCertificate (String function)|SignedClientCertificate]]</var> </li> | |||
<li><var>[[DerToXmlDoc (String function)|DerToXmlDoc]]</var> </li> | <li><var>[[DerToXmlDoc (String function)|DerToXmlDoc]]</var> </li> | ||
| Line 133: | Line 137: | ||
<var>System</var> methods: </p> | <var>System</var> methods: </p> | ||
<ul> | <ul> | ||
<li><var>[[ClientCertificate (System function)|ClientCertificate]]</var> | <li><var>[[ClientCertificate (System function)|ClientCertificate]]</var> </li> | ||
<li><var>[[GeneratedPrivateKey (System function)|GeneratedPrivateKey]]</var> </li> | |||
</ul> | </ul> | ||
<p> | <p> | ||
Latest revision as of 15:05, 6 September 2018
Create a certificate request from a private key (String class)
[Requires Janus Network Security]
This method generates a string that contains an SSL certificate request from an object string that contains a private key.
Syntax
%certRequest = string:CertificateRequest[( [Country= string], - [State= string], [City= string], - [Organization= string], - [OrganizationalUnit= string], - [CommonName= string], - [SignatureAlgorithm= digestAlgorithm])] Throws PKCSError
Syntax terms
| %certRequest | A String or Longstring to contain the generated signed certificate request. |
|---|---|
| string | A String or Longstring that contains an RSA-generated private key. This value must be less than or equal to 4096 (as of version 7.7 of Model 204). The pre-7.7 maximum is 2048 bits. |
| Country | This optional, name required, string argument inserts a country value into the generated certificate request. |
| State | This optional, name required, string argument inserts a state/province value into the generated certificate request. |
| City | This optional, name required, string argument inserts a locality value into the generated certificate request. |
| Organization | This optional, name required, string argument inserts an organization value into the generated certificate request. |
| OrganizationalUnit | This optional, name required, string argument inserts an organization unit (OU) value into the generated certificate request. |
| CommonName | This optional, name required, string argument inserts a common-name (CN) value into the generated certificate request. |
| SignatureAlgorithm | This optional, name required, argument is a DigestAlgorithm enumeration value. Valid values are: MD5, SHA1, SHA256, SHA384 (Model 204 7.7 and later), and SHA512 (Model 204 7.7 and later).
Note: Although supported and currently the default, most modern browsers are deprecating SHA1. |
Usage notes
For some background information concerning certificates, see Public-key cryptography and Certificate signing request.
Example
The following request prints a certificate request created from an input private key that is produced by the System method GeneratedPrivateKey:
b %ls is longstring %cr is longstring %ls = %(System):GeneratedPrivateKey(Length=512) %cr = %ls:CertificateRequest(Country='USA',state='MA', city='Waltham', Organization='Rocket') %cr:derToXmlDoc:print end
The result is:
<Sequence> <Sequence> <Integer>0</Integer> <Sequence> <Set> <Sequence> <ObjectIdentifier>2.5.4.6</ObjectIdentifier> <PrintableString>USA</PrintableString> </Sequence> </Set> <Set> <Sequence> <ObjectIdentifier>2.5.4.8</ObjectIdentifier> <PrintableString>MA</PrintableString> </Sequence> </Set> <Set> <Sequence> <ObjectIdentifier>2.5.4.7</ObjectIdentifier> <PrintableString>Waltham</PrintableString> </Sequence> </Set> <Set> <Sequence> <ObjectIdentifier>2.5.4.10</ObjectIdentifier> <PrintableString>Rocket</PrintableString> </Sequence> </Set> </Sequence> <Sequence> <Sequence> <ObjectIdentifier>1.2.840.113549.1.1.1</ObjectIdentifier> <Null/> </Sequence> <BitString bits="576"> 3046024100A0277685A6EA06E94CF8B ... 0C9E9B07B24FF3D1BB5BBA6F30A9FCF0F- 8F3D80AB2A09EFD020103 </BitString> </Sequence> <ContextSpecific tag="0"/> </Sequence> <Sequence> <ObjectIdentifier>1.2.840.113549.1.1.5</ObjectIdentifier> <Null/> </Sequence> <BitString bits="512"> 0B8774C79100F621F6E794BDEBD47BE ... 4C410892A5573F24D25AC32374A571F633 </BitString> </Sequence>
See also
String methods:
- CertificateRequest
- ClientCertificateRequest
- SignedCertificate
- SignedClientCertificate
- DerToXmlDoc
- RSAPrivateKeyToXmlDoc
- X509CertificateToXmlDoc
- X509CrlToXmlDoc
- Multiple cryptographic cipher methods
Stringlist methods:
- AppendCertificateInfo
- AppendCertificateRequest
- AppendCertificateRequestInfo
- AppendClientCertificateRequest
- AppendEncryptedSecurityData
- AppendGeneratedPrivateKey
- AppendPemData
- AppendPrivateKeyInfo
- AppendSignedCertificate
- AppendSignedClientCertificate
- CheckCertificate
- CheckCertificateRequest
- PemToString
System methods:
Socket methods: