AppendCertificateRequest (Stringlist function)
Add certificate request to a Stringlist (Stringlist class)
[Requires Janus Network Security]
This callable method generates an SSL client certificate request from a given private key, and it adds the certificate request lines to the end of a Stringlist.
Syntax
[%rc =] sl:AppendCertificateRequest( [PrivateKey=] string, - [[Country=] string], [[State=] string], - [[City=] string], - [[Organization=] string], - [[OrganizationalUnit=] string], - [[CommonName=] string], - [SignatureAlgorithm= digestAlgorithm])
Syntax terms
| %rc | An, optional, numeric variable that is set to zero if the function is a success. The possible return codes are described below in "Return codes". |
|---|---|
| sl | A Stringlist object to contain the generated request. |
| PrivateKey | This name allowed parameter is a Stringlist object that contains an RSA-generated private key. This value must be less than or equal to 2048 bits. |
| Country | string |
| State | string |
| City | string |
| Organization | string |
| OrganizationalUnit | string |
| CommonName | string |
Return codes
| 0 | All is well. |
|---|---|
| 3 | Out of CCATEMP. |
| 5 | Stringlist identifier missing. |
| 6 | Invalid Stringlist identifier. |
| 7 | Insufficient storage. |
| 10 | Private key Stringlist identifier missing. |
| 11 | Invalid private key Stringlist identifier. |
| 12 | Invalid private key. |
| 13 | Challenge data mismatch. |
| 14 | Bad private key/challenge signature. |
Usage notes
- To review the contents of the generated request, you can use DerToXmlDoc.
Examples
In the following example, the certificate request that is generated from a private key by AppendCertificateRequest is displayed in base64, then checked by CheckCertificateRequest, then converted to string by PemToString:
b %sl is object stringlist %pk is object stringlist %rc is float %ls is longstring %sl = new text to %pk raw -----BEGIN RSA PRIVATE KEY----- MIICWgIBAAKBgQC1HvRz+5Jcv+jalOL1hmdm/wFEtk/3kSsdhZHWO5BklzecIQR2 40wBkUgBusYubiTZBFmfb6Woqiagmn8UBiG8fdrQ5+ac1+nhyy4Reuqv3dWLxDVT LGWosw0VEZaO0bZmlTat3bemp8GZId12WKOwr/jMlIaiGIYE2I/8RR4ILwIBAwKB gB4v02ip7bof/CRuJdOWZpEqgDYeYqlC3ITrmE5fQrtuiUSwK2kl4gBC4VWfIQe9 BiQrZEU9RkbHBnAZv9irsEnMX1ZgYdntsW5xHe7K1wowBRUrQgAD5SPYRc5b0JEX PTPL+aJzNaSQNQ/KW3O+QZVN5p3Co2TqjwDzcutQsSkfAkEA+pYxMH2wTCcmabe3 p76qjE2SERSf7nk2yTqw29w1hSYqsj7By51vLWFH/35rMBiqAC5yTgmQjlJIIXw6 kz4ASwJBALkImXUd0PmaJLrCwRIhyDFpeq+UsyaNmtgvjg7W8sEhBRseHV7YXBkh 8mQ6VLMBhtxip7aotArZtwJiPc25ES0CQQCnDst1qSAyxMRGenpv1HGy3mFguGqe +3nbfHXn6COuGXHMKdaHvkoeQNqqVEd1ZcaqyaGJW7W0NtrA/XxiKVWHAkB7WxD4 votREW3R1ytha9rLm6cfuHdvCRHldQlfOfcra1i8vr4/OugQwUxC0Y3Mq689lxp5 xc1ckSSsQX6JJgtzAkAPAzNsxdsNaAES3L5yqkbux8W2Y2YdjjxZMl1sdPqn9rXN A8fe68sT76U9rhuJemue1h9jxgq6fscFqZkbNRll -----END RSA PRIVATE KEY----- end text %rc = %sl:appendCertificaterequest(%pk) print 'return code is ' %rc %sl:print %rc = %sl:CheckCertificateRequest(PrivateKey=%pk) print 'round trip return code is ' %rc %ls = %sl:pemtostring('NEW CERTIFICATE REQUEST') %ls:derToXmlDoc:print end
The result is something like:
return code is 0 -----BEGIN NEW CERTIFICATE REQUEST----- MIIBPTCBpwIBADAAMIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQC1HvRz+5Jc v+jalOL1hmdm/wFEtk/3kSsdhZHWO5BklzecIQR240wBkUgBusYubiTZBFmfb6Wo qiagmn8UBiG8fdrQ5+ac1+nhyy4Reuqv3dWLxDVTLGWosw0VEZaO0bZmlTat3bem p8GZId12WKOwr/jMlIaiGIYE2I/8RR4ILwIBA6AAMA0GCSqGSIb3DQEBBAUAA4GB ADWssWlvaA55XIg0VezigMSpIumTtRUUGHSA3H3l8f7bo3FLPyWg1dr2MSwJKW09 OmEAPGfQgmxN+LTEkzkjHGkevU0Mlj5MvtnF3ltdVbbJHSY+KW+DrdeRjU/5AiMj e/43fYThb2ea4JySezVY7AUSls5+4C1yx0V3X1s677lI -----END NEW CERTIFICATE REQUEST----- round trip return code is 0 <Sequence> <Sequence> <Integer>0</Integer> <Sequence/> <Sequence> <Sequence> <ObjectIdentifier>1.2.840.113549.1.1.1</ObjectIdentifier> <Null/> </Sequence> <BitString bits="1104"> 30818702818100B51EF473FB925CBFE8DA94E2F5866766FF0144B64FF7912B1D8591D63B906497379C210476E34C01914801BAC62E6E24D904599F6- FA5A8AA26A09A7F140621BC7DDAD0E7E69CD7E9E1CB2E117AEAAFDDD58BC435532C65A8B30D1511968ED1B6669536ADDDB7A6A7C19921DD7658A3B0AFF8CC9486A2- 188604D88FFC451E082F020103</BitString> </Sequence> <ContextSpecific tag="0"/> </Sequence> <Sequence> <ObjectIdentifier>1.2.840.113549.1.1.4</ObjectIdentifier> <Null/> </Sequence> <BitString bits="1024"> 35ACB1696F680E795C883455ECE280C4A922E993B51514187480DC7DE5F1FEDBA3714B3F25A0D5DAF6312C09296D3D3A61003C67D0826C4DF8B4C49339231- C691EBD4D0C963E4CBED9C5DE5B5D55B6C91D263E296F83ADD7918D4FF90223237BFE377D84E16F679AE09C927B3558EC051296CE7EE02D72C745775F5B3AEFB948 </BitString> </Sequence>
See also
- AppendCertificateInfo
- AppendCertificateRequestInfo
- AppendClientCertificateRequest
- AppendPrivateKeyInfo
- AppendSignedCertificate
- AppendSignedClientCertificate
- CheckCertificate
- CheckCertificateRequest