Loading TOC...

xdmp.x509CertificateGenerate

xdmp.x509CertificateGenerate(
   $cert as Object,
   [$privateKey as string?],
   [$options as Object?]
) as string

Summary

Generate a new PEM-encoded X.509 certificate.

Parameters
$cert The JSON representation of the X.509 certificate.
$privateKey The PEM-encoded private key. This need not be provided and will be ignored when the credentialId option is used.
$options Options with which to customize this function. This function supports the following options:
caCert
The CA certificate.
passPhrase
The pass phrase for encrypting/decrypting a private key.
credentialId
The credential to be used to sign the generated certificate.

Example

var cert = {
  version: "2",
  serialNumber: "BA0195369CD6B679",
  issuer: {
    countryName: "US",
    stateOrProvinceName: "CA",
    localityName: "San Carlos",
    organizationName: "MarkLogic",
    organizationalUnitName: "Eng",
    emailAddress: "jdonner@marklogic.com",
    commonName: "JGD Certificate Authority",
  },
  validity: {
    notBefore: "2015-04-09T21:24:50Z",
    notAfter: "2015-12-15T21:24:50Z"
  },
  subject: {
    countryName: "US",
    stateOrProvinceName: "CA",
    localityName: "San Carlos",
    organizationName: "MarkLogic",
    organizationalUnitName: "Eng",
    emailAddress: "jdonner@marklogic.com",
    commonName: "JGD Certificate Authority",
  },
  publicKey: "-----BEGIN RSA PUBLIC KEY-----\n" +
"MIIBCgKCAQEAq79ScXTQ54qrYD1cxLW/X3vLIusYq4PSDkKrWIcrwkeEXOEfAPL0\n" +
"WibCYdYi3EE7EqWAFFBxB2OIqC7VxNi3IQXx9b3qdcNKGSjwpBH0bI347IZQJpFw\n" +
"e/n80Srwo4vpvlYIuOlHegOmitZsRfdLZq9j5sWf43rY44YWeZ/qSRVIuYOEonGW\n" +
"0/hIEseeJss61vpkL0aWdytRvX7D88e58JeqA8498E9vVHGzYMWpbgf/F+6pdIwg\n" +
"GdqsI+1/VCy2exAHoSAw/aWVdc/qSMhA5LklcmqsBNOX/5dODnfyp4r8Qrq21KYo\n" +
"oZjib4db4iQ7HheuUeURgnGSuLdznCJoVwIDAQAB\n" +
"-----END RSA PUBLIC KEY-----",
  v3ext: [
    {
      basicConstraints: "CA:TRUE",
      critical:"false",
    },
    {
      keyUsage: "Certificate Sign, CRL Sign",
      critical: "false",
    },
    {
      nsCertType:"SSL Server",
      critical:"false",
    },
    {
      subjectKeyIdentifier:"C9:FC:63:0D:F0:CF:AE:78",
      critical:"false",
    }
  ]
};

var priv_key = 
"-----BEGIN PRIVATE KEY-----\n" +
"MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCrv1JxdNDniqtg\n" +
"PVzEtb9fe8si6xirg9IOQqtYhyvCR4Rc4R8A8vRaJsJh1iLcQTsSpYAUUHEHY4io\n" +
"LtXE2LchBfH1vep1w0oZKPCkEfRsjfjshlAmkXB7+fzRKvCji+m+Vgi46Ud6A6aK\n" +
"1mxF90tmr2PmxZ/jetjjhhZ5n+pJFUi5g4SicZbT+EgSx54myzrW+mQvRpZ3K1G9\n" +
"fsPzx7nwl6oDzj3wT29UcbNgxaluB/8X7ql0jCAZ2qwj7X9ULLZ7EAehIDD9pZV1\n" +
"z+pIyEDkuSVyaqwE05f/l04Od/KnivxCurbUpiihmOJvh1viJDseF65R5RGCcZK4\n" +
"t3OcImhXAgMBAAECggEAJgG91du7CzJVwINzzxhFVHUJvB14pSQTzRIV5w5qsaCv\n" +
"+vnaqZQaXQTsyUfhCQrqbrLvSA+RI8h0Cnvq1Jf81rMBG5e+lfb0o+K6diR/CbLV\n" +
"XkpO3GodEWJ9/y/YdujUfkl9vqXpKmg6Z8kRxt318rBnlD8xpd6etqMKwDmSWD+f\n" +
"mkvK11gJJo+bMClalSYGiP5A5bSW2kbp87rB7mc/q0/zfUSB4orIORxZDj5TXma+\n" +
"PGeN+owxEn+m6XA1TM7m32ZKq4exTlP2Vow9KCQ+ppz7dHh2Rllmd/T9EzG8TVKD\n" +
"EoQSRwUvEtjr3Pnn5Y6v/J2F0ji8i9jk1sAqtwnjQQKBgQDdXj3G5ew4A4k2rVcM\n" +
"lFw5lGJFiPUlSttk+NkCmlyNpg5mD0HhsdSH+jK2aws1cga9LTDlNUoi/jrVHIxu\n" +
"2iuWtF2+6k2twjiD0WpSNEQTT3S976XOnspksyWeLyfGHb18lvakUn+UNUx3v05s\n" +
"G98JwrZvL/o8CXYZHrrlHMgDdwKBgQDGncbA8lMyLj0DPmuYbfj1Bv0fqBMfU0p3\n" +
"bVki0XIgXdF/vLLtG/WoEt7xedfeCh/IiuErNOSwgXp/70PbEBL1MgPHpj27GU0J\n" +
"jHyL10avDzpgh80YThar9UXXDjLvLjrcTj7gqK0DGPc8UdN+3gBTGe/K5thx8Wkv\n" +
"S315oTc6IQKBgD2iSqMBS0bBPUf69TysZg0mEkJ4AoFSmUlAu/MslU5fCK1D3D0B\n" +
"rUH62HnPzfwgdl3fojh/INgjXrANVdBbcD1ylJNeWyhg5ilVejvPD5Es0z065zhj\n" +
"H8jv1C55xKI1j5eL1Loluh3CxTqmCiixjeUC0JaejhZ/L+GIm9LEs6+7AoGBAJN3\n" +
"Q8GwagsA/7Xv241CYazzsm6VqRUCD3EalCrg3V6gqdKwtRyNPNi8oiEiOR+X3r9U\n" +
"NhiRXhabG+vvJy94AMtihiHvEThgca1cTIC7prSFlu9jBOk92WF1a5Rf63tglL1L\n" +
"ry24rzR0jeSQUHqKtCz/PeYlfaEj/9fosdHj3BBhAoGBALcCECVC5BhHMVc6CXgr\n" +
"fQuaafMNUwSnGblyKB0y5CnsexHI+f7Ax7Y/fiIHNTjijCVhjss0xpV0PKf3bJZi\n" +
"wsL2Km4FeYdfJZHbumzfkI9bDlpC8B0EbOkfG2EGOxDLEVRtiWR/QqP82gVjyQdz\n" +
"JHjg07MZ786QdyZqUTCB70cw\n" +
"-----END PRIVATE KEY-----";

xdmp.x509CertificateGenerate(cert, priv_key);
==>
-----BEGIN CERTIFICATE-----
MIID/jCCAuagAwIBAgIJALoBlTac1rZ5MA0GCSqGSIb3DQEBCwUAMIGbMQswCQYD
VQQIDAJDQTESMBAGA1UECgwJTWFya0xvZ2ljMRMwEQYDVQQHDApTYW4gQ2FybG9z
MSIwIAYDVQQDDBlKR0QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MQswCQYDVQQGEwJV
UzEMMAoGA1UECwwDRW5nMSQwIgYJKoZIhvcNAQkBFhVqZG9ubmVyQG1hcmtsb2dp
Yy5jb20wHhcNMTUwNDA5MjEyNDUwWhcNMTUxMjE1MjEyNDUwWjCBmzELMAkGA1UE
CAwCQ0ExEjAQBgNVBAoMCU1hcmtMb2dpYzETMBEGA1UEBwwKU2FuIENhcmxvczEi
MCAGA1UEAwwZSkdEIENlcnRpZmljYXRlIEF1dGhvcml0eTELMAkGA1UEBhMCVVMx
DDAKBgNVBAsMA0VuZzEkMCIGCSqGSIb3DQEJARYVamRvbm5lckBtYXJrbG9naWMu
Y29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq79ScXTQ54qrYD1c
xLW/X3vLIusYq4PSDkKrWIcrwkeEXOEfAPL0WibCYdYi3EE7EqWAFFBxB2OIqC7V
xNi3IQXx9b3qdcNKGSjwpBH0bI347IZQJpFwe/n80Srwo4vpvlYIuOlHegOmitZs
RfdLZq9j5sWf43rY44YWeZ/qSRVIuYOEonGW0/hIEseeJss61vpkL0aWdytRvX7D
88e58JeqA8498E9vVHGzYMWpbgf/F+6pdIwgGdqsI+1/VCy2exAHoSAw/aWVdc/q
SMhA5LklcmqsBNOX/5dODnfyp4r8Qrq21KYooZjib4db4iQ7HheuUeURgnGSuLdz
nCJoVwIDAQABo0MwQTAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjARBglghkgB
hvhCAQEEBAMCBkAwEQYDVR0OBAoECMn8Yw3wz654MA0GCSqGSIb3DQEBCwUAA4IB
AQCm3Cm3A7OeHJco/983XgAP7k86flTgfIWhQe6t7zXoMWWy8V4Gh2s+Z67v0yDN
Q1ig+rvTrLQ/0TuoNYCjswEC4FqYSuVNAfW8D0trtu843ZyYt5CYSdv9LxgzKDa/
1JL03pJK1Y297Vg+6JYptyXSBrjAzBKQHK1e9VBJvrtGng4qW6XPnebQKAfdnGm0
r7nPTGkp2es5NMSBEx+AHHQxx2XQShrkRBuKu3eUEehwfsTLIHnrf/yVE80TwklB
/5vjiWK9UXl1zz4ifC+4Avm9Mvbn3ayz7hJkysvPFsoM62r99dEZ+QfwsBjNAH53
7i/9HN7c7w13J5J+8cMX6r26
-----END CERTIFICATE-----

Stack Overflow iconStack Overflow: Get the most useful answers to questions from the MarkLogic community, or ask your own question.