CertificateRequest (String function): Difference between revisions

From m204wiki
Jump to navigation Jump to search
m (→‎See also: add method to list)
 
(11 intermediate revisions by 2 users not shown)
Line 1: Line 1:
{{Template:String:CertificateRequest subtitle}}
{{Template:String:CertificateRequest subtitle}}
This method generates a string that contains an SSL client certificate request from an object string that contains a private key.  
This method generates a string that contains an SSL certificate request from an object string that contains a private key.  


==Syntax==
==Syntax==
Line 8: Line 8:
<table>
<table>
<tr><th>%certRequest</th>
<tr><th>%certRequest</th>
<td>A <var>String</var> or <var>Longstring</var> to contain the generated signed certificate.</td></tr>
<td>A <var>String</var> or <var>Longstring</var> to contain the generated signed certificate request.</td></tr>


<tr><th>string</th>
<tr><th>string</th>
<td>A <var>String</var> or <var>Longstring</var> that contains an RSA-generated private key. This value must be less than or equal to 2048 bits.</td></tr>
<td>A <var>String</var> or <var>Longstring</var> that contains an RSA-generated private key. This value must be less than or equal to 4096 (as of version 7.7 of Model 204). The pre-7.7 maximum is 2048 bits.</td></tr>


<tr><th><var>Country</var></th>
<tr><th><var>Country</var></th>
Line 38: Line 38:


<tr><th><var>SignatureAlgorithm</var></th>
<tr><th><var>SignatureAlgorithm</var></th>
<td>This optional, name required, argument is a <var>[[DigestAlgorithm enumeration|DigestAlgorithm]]</var> enumeration value. Valid options are: <var>MD5</var>, <var>SHA1</var>, <var>SHA256</var>.
<td>This optional, name required, argument is a <var>[[DigestAlgorithm enumeration|DigestAlgorithm]]</var> enumeration value. Valid values are: <var>MD5</var>, <var>SHA1</var>, <var>SHA256</var>, <var>SHA384</var> (Model&nbsp;204 7.7 and later), and <var>SHA512</var> (Model&nbsp;204 7.7 and later).
<p class="note"><b>Note:</b> Although supported and currently the default, most modern browsers are deprecating <var>SHA1</var>.</p></td></tr>
<p class="note"><b>Note:</b> Although supported and currently the default, most modern browsers are deprecating <var>SHA1</var>.</p></td></tr>
</table>
</table>
==Usage notes==
For some background information concerning certificates, see [https://en.wikipedia.org/wiki/Public-key_cryptography Public-key cryptography] and [https://en.wikipedia.org/wiki/Certificate_signing_request Certificate signing request].


==Example==
==Example==
Line 90: Line 93:
         </Sequence>           
         </Sequence>           
         <BitString bits="576">
         <BitString bits="576">
3046024100A0277685A6EA06E94CF8BF7353E98AB318AA05074F068D790EFF21A99AF021AC97F3CAC7FF9152F30C9E9B07B24FF3D1BB5BBA6F30A9FCF0F-
3046024100A0277685A6EA06E94CF8B ... 0C9E9B07B24FF3D1BB5BBA6F30A9FCF0F-
8F3D80AB2A09EFD020103
8F3D80AB2A09EFD020103
         </BitString>
         </BitString>
Line 101: Line 104:
   </Sequence>
   </Sequence>
   <BitString bits="512">
   <BitString bits="512">
0B8774C79100F621F6E794BDEBD47BE8C855BC4B5297A3BBE2927641B32B5DF9DC7FBD938823288C8C4F424310CA4A9C410892A5573F24D25AC32374A571F633 
0B8774C79100F621F6E794BDEBD47BE ... 4C410892A5573F24D25AC32374A571F633
   </BitString>
   </BitString>
</Sequence>
</Sequence>
Line 111: Line 114:
<ul>
<ul>
<li><var>[[CertificateRequest (String function)|CertificateRequest]]</var> </li>
<li><var>[[CertificateRequest (String function)|CertificateRequest]]</var> </li>
<li><var>[[ClientCertificateRequest (String function)|ClientCertificateRequest]]</var> </li>


<li><var>[[SignedCertificate (String function)|SignedCertificate]]</var> </li>
<li><var>[[SignedCertificate (String function)|SignedCertificate]]</var> </li>
<li><var>[[SignedClientCertificate (String function)|SignedClientCertificate]]</var> </li>


<li><var>[[DerToXmlDoc (String function)|DerToXmlDoc]]</var> </li>
<li><var>[[DerToXmlDoc (String function)|DerToXmlDoc]]</var> </li>
Line 130: Line 137:
<var>System</var> methods: </p>
<var>System</var> methods: </p>
<ul>
<ul>
<li><var>[[ClientCertificate (System function)|ClientCertificate]]</var>, <li><var>[[GeneratedPrivateKey (System function)|GeneratedPrivateKey]]</var> </li>
<li><var>[[ClientCertificate (System function)|ClientCertificate]]</var> </li>
<li><var>[[GeneratedPrivateKey (System function)|GeneratedPrivateKey]]</var> </li>
</ul>
</ul>
<p>
<p>

Latest revision as of 15:05, 6 September 2018

Create a certificate request from a private key (String class)

[Requires Janus Network Security]

This method generates a string that contains an SSL certificate request from an object string that contains a private key.

Syntax

%certRequest = string:CertificateRequest[( [Country= string], - [State= string], [City= string], - [Organization= string], - [OrganizationalUnit= string], - [CommonName= string], - [SignatureAlgorithm= digestAlgorithm])] Throws PKCSError

Syntax terms

%certRequest A String or Longstring to contain the generated signed certificate request.
string A String or Longstring that contains an RSA-generated private key. This value must be less than or equal to 4096 (as of version 7.7 of Model 204). The pre-7.7 maximum is 2048 bits.
Country This optional, name required, string argument inserts a country value into the generated certificate request.

State This optional, name required, string argument inserts a state/province value into the generated certificate request.

City This optional, name required, string argument inserts a locality value into the generated certificate request.

Organization This optional, name required, string argument inserts an organization value into the generated certificate request.

OrganizationalUnit This optional, name required, string argument inserts an organization unit (OU) value into the generated certificate request.

CommonName This optional, name required, string argument inserts a common-name (CN) value into the generated certificate request.

SignatureAlgorithm This optional, name required, argument is a DigestAlgorithm enumeration value. Valid values are: MD5, SHA1, SHA256, SHA384 (Model 204 7.7 and later), and SHA512 (Model 204 7.7 and later).

Note: Although supported and currently the default, most modern browsers are deprecating SHA1.

Usage notes

For some background information concerning certificates, see Public-key cryptography and Certificate signing request.

Example

The following request prints a certificate request created from an input private key that is produced by the System method GeneratedPrivateKey:

b %ls is longstring %cr is longstring %ls = %(System):GeneratedPrivateKey(Length=512) %cr = %ls:CertificateRequest(Country='USA',state='MA', city='Waltham', Organization='Rocket') %cr:derToXmlDoc:print end

The result is:

<Sequence> <Sequence> <Integer>0</Integer> <Sequence> <Set> <Sequence> <ObjectIdentifier>2.5.4.6</ObjectIdentifier> <PrintableString>USA</PrintableString> </Sequence> </Set> <Set> <Sequence> <ObjectIdentifier>2.5.4.8</ObjectIdentifier> <PrintableString>MA</PrintableString> </Sequence> </Set> <Set> <Sequence> <ObjectIdentifier>2.5.4.7</ObjectIdentifier> <PrintableString>Waltham</PrintableString> </Sequence> </Set> <Set> <Sequence> <ObjectIdentifier>2.5.4.10</ObjectIdentifier> <PrintableString>Rocket</PrintableString> </Sequence> </Set> </Sequence> <Sequence> <Sequence> <ObjectIdentifier>1.2.840.113549.1.1.1</ObjectIdentifier> <Null/> </Sequence> <BitString bits="576"> 3046024100A0277685A6EA06E94CF8B ... 0C9E9B07B24FF3D1BB5BBA6F30A9FCF0F- 8F3D80AB2A09EFD020103 </BitString> </Sequence> <ContextSpecific tag="0"/> </Sequence> <Sequence> <ObjectIdentifier>1.2.840.113549.1.1.5</ObjectIdentifier> <Null/> </Sequence> <BitString bits="512"> 0B8774C79100F621F6E794BDEBD47BE ... 4C410892A5573F24D25AC32374A571F633 </BitString> </Sequence>

See also

String methods:

Stringlist methods:

System methods:

Socket methods: