Loading TOC...
XQuery xdmp:x509-certificate-generate

MarkLogic Server 11.0 Product Documentation
xdmp.x509CertificateGenerate

xdmp.x509CertificateGenerate(
   cert as Object,
   [privateKey as string?],
   [options as Object?]
) as string

Summary

Generate a new PEM-encoded X.509 certificate.

Parameters
cert The JSON representation of the X.509 certificate.
privateKey The PEM-encoded private key. This need not be provided and will be ignored when the credentialId option is used.
options Options with which to customize this function. This function supports the following options:
caCert
The CA certificate.
passPhrase
The pass phrase for encrypting/decrypting a private key.
credentialId
The credential to be used to sign the generated certificate.

Example

var cert = {
  version: "2",
  serialNumber: "BA0195369CD6B679",
  issuer: {
    countryName: "US",
    stateOrProvinceName: "CA",
    localityName: "San Carlos",
    organizationName: "MarkLogic",
    organizationalUnitName: "Eng",
    emailAddress: "jdonner@marklogic.com",
    commonName: "JGD Certificate Authority",
  },
  validity: {
    notBefore: "2015-04-09T21:24:50Z",
    notAfter: "2015-12-15T21:24:50Z"
  },
  subject: {
    countryName: "US",
    stateOrProvinceName: "CA",
    localityName: "San Carlos",
    organizationName: "MarkLogic",
    organizationalUnitName: "Eng",
    emailAddress: "jdonner@marklogic.com",
    commonName: "JGD Certificate Authority",
  },
  publicKey: "-----BEGIN RSA PUBLIC KEY-----\n" +
"MIIBCgKCAQEAq79ScXTQ54qrYD1cxLW/X3vLIusYq4PSDkKrWIcrwkeEXOEfAPL0\n" +
"WibCYdYi3EE7EqWAFFBxB2OIqC7VxNi3IQXx9b3qdcNKGSjwpBH0bI347IZQJpFw\n" +
"e/n80Srwo4vpvlYIuOlHegOmitZsRfdLZq9j5sWf43rY44YWeZ/qSRVIuYOEonGW\n" +
"0/hIEseeJss61vpkL0aWdytRvX7D88e58JeqA8498E9vVHGzYMWpbgf/F+6pdIwg\n" +
"GdqsI+1/VCy2exAHoSAw/aWVdc/qSMhA5LklcmqsBNOX/5dODnfyp4r8Qrq21KYo\n" +
"oZjib4db4iQ7HheuUeURgnGSuLdznCJoVwIDAQAB\n" +
"-----END RSA PUBLIC KEY-----",
  v3ext: [
    {
      basicConstraints: "CA:TRUE",
      critical:"false",
    },
    {
      keyUsage: "Certificate Sign, CRL Sign",
      critical: "false",
    },
    {
      nsCertType:"SSL Server",
      critical:"false",
    },
    {
      subjectKeyIdentifier:"C9:FC:63:0D:F0:CF:AE:78",
      critical:"false",
    }
  ]
};

var priv_key = 
"-----BEGIN PRIVATE KEY-----\n" +
"MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCrv1JxdNDniqtg\n" +
"PVzEtb9fe8si6xirg9IOQqtYhyvCR4Rc4R8A8vRaJsJh1iLcQTsSpYAUUHEHY4io\n" +
"LtXE2LchBfH1vep1w0oZKPCkEfRsjfjshlAmkXB7+fzRKvCji+m+Vgi46Ud6A6aK\n" +
"1mxF90tmr2PmxZ/jetjjhhZ5n+pJFUi5g4SicZbT+EgSx54myzrW+mQvRpZ3K1G9\n" +
"fsPzx7nwl6oDzj3wT29UcbNgxaluB/8X7ql0jCAZ2qwj7X9ULLZ7EAehIDD9pZV1\n" +
"z+pIyEDkuSVyaqwE05f/l04Od/KnivxCurbUpiihmOJvh1viJDseF65R5RGCcZK4\n" +
"t3OcImhXAgMBAAECggEAJgG91du7CzJVwINzzxhFVHUJvB14pSQTzRIV5w5qsaCv\n" +
"+vnaqZQaXQTsyUfhCQrqbrLvSA+RI8h0Cnvq1Jf81rMBG5e+lfb0o+K6diR/CbLV\n" +
"XkpO3GodEWJ9/y/YdujUfkl9vqXpKmg6Z8kRxt318rBnlD8xpd6etqMKwDmSWD+f\n" +
"mkvK11gJJo+bMClalSYGiP5A5bSW2kbp87rB7mc/q0/zfUSB4orIORxZDj5TXma+\n" +
"PGeN+owxEn+m6XA1TM7m32ZKq4exTlP2Vow9KCQ+ppz7dHh2Rllmd/T9EzG8TVKD\n" +
"EoQSRwUvEtjr3Pnn5Y6v/J2F0ji8i9jk1sAqtwnjQQKBgQDdXj3G5ew4A4k2rVcM\n" +
"lFw5lGJFiPUlSttk+NkCmlyNpg5mD0HhsdSH+jK2aws1cga9LTDlNUoi/jrVHIxu\n" +
"2iuWtF2+6k2twjiD0WpSNEQTT3S976XOnspksyWeLyfGHb18lvakUn+UNUx3v05s\n" +
"G98JwrZvL/o8CXYZHrrlHMgDdwKBgQDGncbA8lMyLj0DPmuYbfj1Bv0fqBMfU0p3\n" +
"bVki0XIgXdF/vLLtG/WoEt7xedfeCh/IiuErNOSwgXp/70PbEBL1MgPHpj27GU0J\n" +
"jHyL10avDzpgh80YThar9UXXDjLvLjrcTj7gqK0DGPc8UdN+3gBTGe/K5thx8Wkv\n" +
"S315oTc6IQKBgD2iSqMBS0bBPUf69TysZg0mEkJ4AoFSmUlAu/MslU5fCK1D3D0B\n" +
"rUH62HnPzfwgdl3fojh/INgjXrANVdBbcD1ylJNeWyhg5ilVejvPD5Es0z065zhj\n" +
"H8jv1C55xKI1j5eL1Loluh3CxTqmCiixjeUC0JaejhZ/L+GIm9LEs6+7AoGBAJN3\n" +
"Q8GwagsA/7Xv241CYazzsm6VqRUCD3EalCrg3V6gqdKwtRyNPNi8oiEiOR+X3r9U\n" +
"NhiRXhabG+vvJy94AMtihiHvEThgca1cTIC7prSFlu9jBOk92WF1a5Rf63tglL1L\n" +
"ry24rzR0jeSQUHqKtCz/PeYlfaEj/9fosdHj3BBhAoGBALcCECVC5BhHMVc6CXgr\n" +
"fQuaafMNUwSnGblyKB0y5CnsexHI+f7Ax7Y/fiIHNTjijCVhjss0xpV0PKf3bJZi\n" +
"wsL2Km4FeYdfJZHbumzfkI9bDlpC8B0EbOkfG2EGOxDLEVRtiWR/QqP82gVjyQdz\n" +
"JHjg07MZ786QdyZqUTCB70cw\n" +
"-----END PRIVATE KEY-----";

xdmp.x509CertificateGenerate(cert, priv_key);
==>
-----BEGIN CERTIFICATE-----
MIID/jCCAuagAwIBAgIJALoBlTac1rZ5MA0GCSqGSIb3DQEBCwUAMIGbMQswCQYD
VQQIDAJDQTESMBAGA1UECgwJTWFya0xvZ2ljMRMwEQYDVQQHDApTYW4gQ2FybG9z
MSIwIAYDVQQDDBlKR0QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MQswCQYDVQQGEwJV
UzEMMAoGA1UECwwDRW5nMSQwIgYJKoZIhvcNAQkBFhVqZG9ubmVyQG1hcmtsb2dp
Yy5jb20wHhcNMTUwNDA5MjEyNDUwWhcNMTUxMjE1MjEyNDUwWjCBmzELMAkGA1UE
CAwCQ0ExEjAQBgNVBAoMCU1hcmtMb2dpYzETMBEGA1UEBwwKU2FuIENhcmxvczEi
MCAGA1UEAwwZSkdEIENlcnRpZmljYXRlIEF1dGhvcml0eTELMAkGA1UEBhMCVVMx
DDAKBgNVBAsMA0VuZzEkMCIGCSqGSIb3DQEJARYVamRvbm5lckBtYXJrbG9naWMu
Y29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq79ScXTQ54qrYD1c
xLW/X3vLIusYq4PSDkKrWIcrwkeEXOEfAPL0WibCYdYi3EE7EqWAFFBxB2OIqC7V
xNi3IQXx9b3qdcNKGSjwpBH0bI347IZQJpFwe/n80Srwo4vpvlYIuOlHegOmitZs
RfdLZq9j5sWf43rY44YWeZ/qSRVIuYOEonGW0/hIEseeJss61vpkL0aWdytRvX7D
88e58JeqA8498E9vVHGzYMWpbgf/F+6pdIwgGdqsI+1/VCy2exAHoSAw/aWVdc/q
SMhA5LklcmqsBNOX/5dODnfyp4r8Qrq21KYooZjib4db4iQ7HheuUeURgnGSuLdz
nCJoVwIDAQABo0MwQTAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjARBglghkgB
hvhCAQEEBAMCBkAwEQYDVR0OBAoECMn8Yw3wz654MA0GCSqGSIb3DQEBCwUAA4IB
AQCm3Cm3A7OeHJco/983XgAP7k86flTgfIWhQe6t7zXoMWWy8V4Gh2s+Z67v0yDN
Q1ig+rvTrLQ/0TuoNYCjswEC4FqYSuVNAfW8D0trtu843ZyYt5CYSdv9LxgzKDa/
1JL03pJK1Y297Vg+6JYptyXSBrjAzBKQHK1e9VBJvrtGng4qW6XPnebQKAfdnGm0
r7nPTGkp2es5NMSBEx+AHHQxx2XQShrkRBuKu3eUEehwfsTLIHnrf/yVE80TwklB
/5vjiWK9UXl1zz4ifC+4Avm9Mvbn3ayz7hJkysvPFsoM62r99dEZ+QfwsBjNAH53
7i/9HN7c7w13J5J+8cMX6r26
-----END CERTIFICATE-----

Stack Overflow iconStack Overflow: Get the most useful answers to questions from the MarkLogic community, or ask your own question.