AppendSignedCertificate (Stringlist function): Difference between revisions

From m204wiki
Jump to navigation Jump to search
m (add link)
Line 7: Line 7:


===Syntax terms===
===Syntax terms===
<table class="syntaxTable">
<table>
<tr><th>%rc</th>
<tr><th>%rc</th>
<td>An, optional, numeric variable that is set to zero if the function is a success. The possible return codes are described below in [[#Return codes|"Return codes"]]. </td></tr>
<td>An, optional, numeric variable that is set to zero if the function is a success. The possible return codes are described below in [[#Return codes|Return codes]]. </td></tr>
 
<tr><th>sl</th>
<tr><th>sl</th>
<td>A <var>Stringlist</var> object.</td></tr>
<td>A <var>Stringlist</var> object.</td></tr>
<tr><th><var>PrivateKey</var></th>
<tr><th><var>PrivateKey</var></th>
<td>This [[Notation conventions for methods#Named parameters|name allowed]] argument is a <var>Stringlist</var> that contains the private key to be used for signing.</td></tr>
<td>This [[Notation conventions for methods#Named parameters|name allowed]] argument is a <var>Stringlist</var> that contains the private key to be used for signing.</td></tr>
<tr><th><var>Request</var></th>
<tr><th><var>Request</var></th>
<td>This name allowed argument is a <var>Stringlist</var> that contains the base-64 encoded X.509 certificate request.</td></tr>
<td>This name allowed argument is a <var>Stringlist</var> that contains the base-64 encoded X.509 certificate request.</td></tr>
<tr><th><var>Signer</var></th>
<tr><th><var>Signer</var></th>
<td>This optional, name allowed, argument is a <var>Stringlist</var> that contains the base-64 encoded CA (certifying authority) X.509 certificate. If not specified, the <var>Request</var> <var>Stringlist</var> is used: that is, the certificate will be self-signed. </td></tr>
<td>This optional, name allowed, argument is a <var>Stringlist</var> that contains the base-64 encoded CA (certifying authority) X.509 certificate. If not specified, the <var>Request</var> <var>Stringlist</var> is used: that is, the certificate will be self-signed. </td></tr>
<tr><th><var>StartDate</var></th>
<tr><th><var>StartDate</var></th>
<td>This optional, name allowed, argument is a string that contains the Start date for the signed certificate (in YYMMDDHHMISS format). The default is today's date.</td></tr>
<td>This optional, name allowed, argument is a string that contains the Start date for the signed certificate (in YYMMDDHHMISS format). The default is today's date.</td></tr>
<tr><th><var>EndDate</var></th>
<tr><th><var>EndDate</var></th>
<td>This optional, name allowed, argument is a string that contains the End date for the signed certificate (in YYMMDDHHMISS format). The default is 24 hours from <var>StartDate</var>.</td></tr>
<td>This optional, name allowed, argument is a string that contains the End date for the signed certificate (in YYMMDDHHMISS format). The default is 24 hours from <var>StartDate</var>.</td></tr>
<tr><th><var>SerialNumber</var></th>
<tr><th><var>SerialNumber</var></th>
<td>This optional, name allowed, argument is a numeric value that is the Serial number for the signed certificate. The default is a number guaranteed to increase by 1 for every call and guaranteed to increase from run to run, unless there is an extreme amount
<td>This optional, name allowed, argument is a numeric value that is the Serial number for the signed certificate. The default is a number guaranteed to increase by 1 for every call and guaranteed to increase from run to run, unless there is an extreme amount
of signing occurrences. </td></tr>
of signing occurrences. </td></tr>
<tr><th><var>SignatureAlgorithm</var></th>
<tr><th><var>SignatureAlgorithm</var></th>
<td>This optional, name allowed, argument is an enumerated <var>DigestAlgorithm</var> value.  Valid options are:- <var>MD5</var>, <var>SHA1</var>, <var>SHA256</var>.<br/><b>NOTE:</b> Although supported and currently the default, most modern browsers are deprecating <var>SHA1</var>.</td></tr>
<td>This optional, [[Notation conventions for methods#Named parameters|name required]], argument is a <var>DigestAlgorithm</var> enumeration value.  Valid options are: <var>MD5</var>, <var>SHA1</var>, <var>SHA256</var>.
<p class="note"><b>Note:</b> Although supported and currently the default, most modern browsers are deprecating <var>SHA1</var>.</p></td></tr>
</table>
</table>


===Return codes===
===Return codes===
<table>
<table class="thJustBold">
<tr><th>0</th><td>All is well.</td></tr>
<tr><th>0</th><td>All is well.</td></tr>
<tr><th>3</th><td>Out of CCATEMP.</td></tr>
<tr><th>3</th><td>Out of CCATEMP.</td></tr>

Revision as of 20:50, 4 August 2015

Add base64 encoded signed certificate to a Stringlist (Stringlist class)

[Requires Janus Network Security]


This callable method signs an X.509 certificate request and adds the lines of the signed certificate to the end of a Stringlist.

Syntax

[%rc =] sl:AppendSignedCertificate( [PrivateKey=] string, [Request=] string, - [[Signer=] string], - [[StartDate=] string], - [[EndDate=] string], - [[SerialNumber=] number], - [SignatureAlgorithm= digestAlgorithm])

Syntax terms

%rc An, optional, numeric variable that is set to zero if the function is a success. The possible return codes are described below in Return codes.
sl A Stringlist object.
PrivateKey This name allowed argument is a Stringlist that contains the private key to be used for signing.
Request This name allowed argument is a Stringlist that contains the base-64 encoded X.509 certificate request.
Signer This optional, name allowed, argument is a Stringlist that contains the base-64 encoded CA (certifying authority) X.509 certificate. If not specified, the Request Stringlist is used: that is, the certificate will be self-signed.
StartDate This optional, name allowed, argument is a string that contains the Start date for the signed certificate (in YYMMDDHHMISS format). The default is today's date.
EndDate This optional, name allowed, argument is a string that contains the End date for the signed certificate (in YYMMDDHHMISS format). The default is 24 hours from StartDate.
SerialNumber This optional, name allowed, argument is a numeric value that is the Serial number for the signed certificate. The default is a number guaranteed to increase by 1 for every call and guaranteed to increase from run to run, unless there is an extreme amount of signing occurrences.
SignatureAlgorithm This optional, name required, argument is a DigestAlgorithm enumeration value. Valid options are: MD5, SHA1, SHA256.

Note: Although supported and currently the default, most modern browsers are deprecating SHA1.

Return codes

0All is well.
3Out of CCATEMP.
5Stringlist identifier missing.
6Invalid Stringlist identifier.
7Insufficient storage.
10Private key Stringlist identifier missing.
11Invalid private key Stringlist identifier.
12Invalid private key Stringlist data (not correctly base-64 encoded).
13Certificate request Stringlist identifier missing.
14Invalid certificate request Stringlist identifier.
15Invalid certificate request.
16Invalid CA certificate Stringlist identifier.
17Invalid CA certificate.
18Invalid start date.
19Invalid end date.
20Invalid serial number.
21Private key does not match signer public key.

Examples

See also