Class X509CertificateIssuer
Class implementing a certification authority issuing X.509 certificates and CRLs
Defined in: X509CertificateIssuer.js.
| Constructor Attributes | Constructor Name and Description |
|---|---|
|
X509CertificateIssuer(daof, cpf, holder)
Create a certification authority that issues X.509 certificates and CRLs
|
| Method Attributes | Method Name and Description |
|---|---|
|
addCRLDistributionPoint(crldp)
Add a CRL distribution point to issued certificates
|
|
| <static> |
X509CertificateIssuer.createCertificateIssuer(daof, pathOrHolderId, certtype, template)
Create a new certificate issuer
|
|
issueCertificate(certholder, pubkey, subject, extensions, srId)
Issue a new certificate for the given subject and public key
|
|
|
issueCRL()
Issue a CRL
|
|
|
issueSelfSignedCertificate(keyId, srId)
Issue a self-signed certificate for the given keyId.
|
Class Detail
X509CertificateIssuer(daof, cpf, holder)
Create a certification authority that issues X.509 certificates and CRLs
- Parameters:
- {DAOFactory} daof
- the factory that can create the required data access objects
- {CryptoProviderFactory} cpf
- factory implementing getCryptoProvider() used to get access to crypto providers
- {Holder} holder
- the holder object for this signer the database
Method Detail
addCRLDistributionPoint(crldp)
Add a CRL distribution point to issued certificates
- Parameters:
- {String} crldp
- the URL of the distribution point
<static>
{Number}
X509CertificateIssuer.createCertificateIssuer(daof, pathOrHolderId, certtype, template)
Create a new certificate issuer
- Parameters:
- {DAOFactory} daof
- the factory that can create the required data access objects
- {String/Number} pathOrHolderId
- the path of holderIDs (eg. "/UTCVCA/UTDVCA/UTTERM") or the holderId from the database
- {Number} certtype
- optional argument, default Holder.X509
- template
- Returns:
- the newly created holder id
{X509}
issueCertificate(certholder, pubkey, subject, extensions, srId)
Issue a new certificate for the given subject and public key
- Parameters:
- {Number/String/Object} certholder
- the holder id, path or object
- {Key} pubkey
- the public key
- {Object} subject
- in ASN1 format or a format accepted by PKIXCommon.encodeName()
- {Object[]} extensions
- array of certificate extensions objects with properties oid{String}, critical{boolean} and value{ByteString}
- {Number} srId
- service request id to be stored with issued certificate
- Returns:
- the newly generated certificate
{CRL}
issueCRL()
Issue a CRL
- Returns:
- the newly issued CRL
issueSelfSignedCertificate(keyId, srId)
Issue a self-signed certificate for the given keyId.
The key must have been previously generated using the newSigner() method
- Parameters:
- {ByteString} keyId
- the subject key identifier
- {Number} srId
- service request id to be stored with issued certificate