Loading TOC...

xdmp:x509-certificate-generate

xdmp:x509-certificate-generate(
   $cert as element(x509:cert),
   [$private-key as xs:string?],
   [$options as (element()|map:map)?]
) as xs:string

Summary

Generate a new PEM-encoded X.509 certificate.

Parameters
$cert The XML representation of the X.509 certificate.
$private-key The PEM encoded private key. This need not be provided and will be ignored when the credential-id option is used.
$options Options with which to customize this function. You can specify options as either an options XML element in the namespace "ssl:options" or a map:map. The options names shown below are XML localnames. When using a map, replace the hyphens in an option name with camel casing. For example, "an-option" becomes "anOption" when used a map key. This function supports the following options:
ca-cert
The CA certificate.
pass-phrase
The pass phrase for encrypting/decrypting a private key.
credential-id
The credential to be used to sign the generated certificate.

Example

xdmp:x509-certificate-generate(
<cert xmlns="http://marklogic.com/xdmp/x509">
  <issuer>
    <stateOrProvinceName>CA</stateOrProvinceName>
    <organizationName>MarkLogic</organizationName>
    <localityName>San Carlos</localityName>
    <commonName>JGD Certificate Authority</commonName>
    <countryName>US</countryName>
    <organizationalUnitName>Eng</organizationalUnitName>
    <emailAddress>jdonner@marklogic.com</emailAddress>
  </issuer>
  <publicKey>
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAq79ScXTQ54qrYD1cxLW/X3vLIusYq4PSDkKrWIcrwkeEXOEfAPL0
WibCYdYi3EE7EqWAFFBxB2OIqC7VxNi3IQXx9b3qdcNKGSjwpBH0bI347IZQJpFw
e/n80Srwo4vpvlYIuOlHegOmitZsRfdLZq9j5sWf43rY44YWeZ/qSRVIuYOEonGW
0/hIEseeJss61vpkL0aWdytRvX7D88e58JeqA8498E9vVHGzYMWpbgf/F+6pdIwg
GdqsI+1/VCy2exAHoSAw/aWVdc/qSMhA5LklcmqsBNOX/5dODnfyp4r8Qrq21KYo
oZjib4db4iQ7HheuUeURgnGSuLdznCJoVwIDAQAB
-----END RSA PUBLIC KEY-----
  </publicKey>
  <subject>
    <stateOrProvinceName>CA</stateOrProvinceName>
    <organizationName>MarkLogic</organizationName>
    <localityName>San Carlos</localityName>
    <commonName>JGD Certificate Authority</commonName>
    <countryName>US</countryName>
    <organizationalUnitName>Eng</organizationalUnitName>
    <emailAddress>jdonner@marklogic.com</emailAddress>
  </subject>
  <validity>
    <notAfter>2015-12-15T21:24:50Z</notAfter>
    <notBefore>2015-04-09T21:24:50Z</notBefore>
  </validity>
  <v3ext>
    <basicConstraints critical="false">CA:TRUE</basicConstraints>
    <keyUsage critical="false">Certificate Sign, CRL Sign</keyUsage>
    <nsCertType critical="false">SSL Server</nsCertType>
    <subjectKeyIdentifier critical="false">C9:FC:63:0D:F0:CF:AE:78</subjectKeyIdentifier>
  </v3ext>
  <version>2</version>
  <serialNumber>BA0195369CD6B679</serialNumber>
</cert>,
"-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCrv1JxdNDniqtg
PVzEtb9fe8si6xirg9IOQqtYhyvCR4Rc4R8A8vRaJsJh1iLcQTsSpYAUUHEHY4io
LtXE2LchBfH1vep1w0oZKPCkEfRsjfjshlAmkXB7+fzRKvCji+m+Vgi46Ud6A6aK
1mxF90tmr2PmxZ/jetjjhhZ5n+pJFUi5g4SicZbT+EgSx54myzrW+mQvRpZ3K1G9
fsPzx7nwl6oDzj3wT29UcbNgxaluB/8X7ql0jCAZ2qwj7X9ULLZ7EAehIDD9pZV1
z+pIyEDkuSVyaqwE05f/l04Od/KnivxCurbUpiihmOJvh1viJDseF65R5RGCcZK4
t3OcImhXAgMBAAECggEAJgG91du7CzJVwINzzxhFVHUJvB14pSQTzRIV5w5qsaCv
+vnaqZQaXQTsyUfhCQrqbrLvSA+RI8h0Cnvq1Jf81rMBG5e+lfb0o+K6diR/CbLV
XkpO3GodEWJ9/y/YdujUfkl9vqXpKmg6Z8kRxt318rBnlD8xpd6etqMKwDmSWD+f
mkvK11gJJo+bMClalSYGiP5A5bSW2kbp87rB7mc/q0/zfUSB4orIORxZDj5TXma+
PGeN+owxEn+m6XA1TM7m32ZKq4exTlP2Vow9KCQ+ppz7dHh2Rllmd/T9EzG8TVKD
EoQSRwUvEtjr3Pnn5Y6v/J2F0ji8i9jk1sAqtwnjQQKBgQDdXj3G5ew4A4k2rVcM
lFw5lGJFiPUlSttk+NkCmlyNpg5mD0HhsdSH+jK2aws1cga9LTDlNUoi/jrVHIxu
2iuWtF2+6k2twjiD0WpSNEQTT3S976XOnspksyWeLyfGHb18lvakUn+UNUx3v05s
G98JwrZvL/o8CXYZHrrlHMgDdwKBgQDGncbA8lMyLj0DPmuYbfj1Bv0fqBMfU0p3
bVki0XIgXdF/vLLtG/WoEt7xedfeCh/IiuErNOSwgXp/70PbEBL1MgPHpj27GU0J
jHyL10avDzpgh80YThar9UXXDjLvLjrcTj7gqK0DGPc8UdN+3gBTGe/K5thx8Wkv
S315oTc6IQKBgD2iSqMBS0bBPUf69TysZg0mEkJ4AoFSmUlAu/MslU5fCK1D3D0B
rUH62HnPzfwgdl3fojh/INgjXrANVdBbcD1ylJNeWyhg5ilVejvPD5Es0z065zhj
H8jv1C55xKI1j5eL1Loluh3CxTqmCiixjeUC0JaejhZ/L+GIm9LEs6+7AoGBAJN3
Q8GwagsA/7Xv241CYazzsm6VqRUCD3EalCrg3V6gqdKwtRyNPNi8oiEiOR+X3r9U
NhiRXhabG+vvJy94AMtihiHvEThgca1cTIC7prSFlu9jBOk92WF1a5Rf63tglL1L
ry24rzR0jeSQUHqKtCz/PeYlfaEj/9fosdHj3BBhAoGBALcCECVC5BhHMVc6CXgr
fQuaafMNUwSnGblyKB0y5CnsexHI+f7Ax7Y/fiIHNTjijCVhjss0xpV0PKf3bJZi
wsL2Km4FeYdfJZHbumzfkI9bDlpC8B0EbOkfG2EGOxDLEVRtiWR/QqP82gVjyQdz
JHjg07MZ786QdyZqUTCB70cw
-----END PRIVATE KEY-----"
);
==>
-----BEGIN CERTIFICATE-----
MIID/jCCAuagAwIBAgIJALoBlTac1rZ5MA0GCSqGSIb3DQEBCwUAMIGbMQswCQYD
VQQIDAJDQTESMBAGA1UECgwJTWFya0xvZ2ljMRMwEQYDVQQHDApTYW4gQ2FybG9z
MSIwIAYDVQQDDBlKR0QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MQswCQYDVQQGEwJV
UzEMMAoGA1UECwwDRW5nMSQwIgYJKoZIhvcNAQkBFhVqZG9ubmVyQG1hcmtsb2dp
Yy5jb20wHhcNMTUwNDA5MjEyNDUwWhcNMTUxMjE1MjEyNDUwWjCBmzELMAkGA1UE
CAwCQ0ExEjAQBgNVBAoMCU1hcmtMb2dpYzETMBEGA1UEBwwKU2FuIENhcmxvczEi
MCAGA1UEAwwZSkdEIENlcnRpZmljYXRlIEF1dGhvcml0eTELMAkGA1UEBhMCVVMx
DDAKBgNVBAsMA0VuZzEkMCIGCSqGSIb3DQEJARYVamRvbm5lckBtYXJrbG9naWMu
Y29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq79ScXTQ54qrYD1c
xLW/X3vLIusYq4PSDkKrWIcrwkeEXOEfAPL0WibCYdYi3EE7EqWAFFBxB2OIqC7V
xNi3IQXx9b3qdcNKGSjwpBH0bI347IZQJpFwe/n80Srwo4vpvlYIuOlHegOmitZs
RfdLZq9j5sWf43rY44YWeZ/qSRVIuYOEonGW0/hIEseeJss61vpkL0aWdytRvX7D
88e58JeqA8498E9vVHGzYMWpbgf/F+6pdIwgGdqsI+1/VCy2exAHoSAw/aWVdc/q
SMhA5LklcmqsBNOX/5dODnfyp4r8Qrq21KYooZjib4db4iQ7HheuUeURgnGSuLdz
nCJoVwIDAQABo0MwQTAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjARBglghkgB
hvhCAQEEBAMCBkAwEQYDVR0OBAoECMn8Yw3wz654MA0GCSqGSIb3DQEBCwUAA4IB
AQCm3Cm3A7OeHJco/983XgAP7k86flTgfIWhQe6t7zXoMWWy8V4Gh2s+Z67v0yDN
Q1ig+rvTrLQ/0TuoNYCjswEC4FqYSuVNAfW8D0trtu843ZyYt5CYSdv9LxgzKDa/
1JL03pJK1Y297Vg+6JYptyXSBrjAzBKQHK1e9VBJvrtGng4qW6XPnebQKAfdnGm0
r7nPTGkp2es5NMSBEx+AHHQxx2XQShrkRBuKu3eUEehwfsTLIHnrf/yVE80TwklB
/5vjiWK9UXl1zz4ifC+4Avm9Mvbn3ayz7hJkysvPFsoM62r99dEZ+QfwsBjNAH53
7i/9HN7c7w13J5J+8cMX6r26
-----END CERTIFICATE-----

Stack Overflow iconStack Overflow: Get the most useful answers to questions from the MarkLogic community, or ask your own question.

Comments

The commenting feature on this page is enabled by a third party. Comments posted to this page are publicly visible.