MarkLogic 10 Product Documentation

admin.appserverSetSslClientCertificateAuthorities

admin.appserverSetSslClientCertificateAuthorities(
   config as element(configuration),
   appserver-id as (Number|String),
   value as (Number|String)[]
) as element(configuration)

Summary

This function sets one or more client certificate authorities that sign client certificates for the specified App Server. This function is typically used along with the pki.insertTrustedCertificates and pki.getTrustedCertificateIds functions to import trusted Certificate Authorities for client certificates.

Required Privileges

http://marklogic.com/xdmp/privileges/admin/app-server-security

http://marklogic.com/xdmp/privileges/admin/app-server-security/{id}

http://marklogic.com/xdmp/privileges/admin/group-security

http://marklogic.com/xdmp/privileges/admin/group-security/{id}

Example

  let pki = require("/MarkLogic/pki.xqy")
  let admin = require("/MarkLogic/admin.xqy")

  let config = admin.getConfiguration()
  let groupid = admin.groupGetId(config, "Default")
  let appservid = admin.appserverGetId(config, groupid, "myAppServer")

  let certId = []
  for(let cert of pki.getCertificates(pki.getTrustedCertificateIds()).toObject())
    if(cert.xpath("x509:cert/x509:subject/x509:commonName/text()",{"x509":"http://marklogic.com/xdmp/x509"}) == 'Acme Certificate Authority' &&
        cert.xpath("x509:cert/x509:subject/x509:organizationName/text()",{"x509":"http://marklogic.com/xdmp/x509"}) == 'Acme Corporatio')
      certId.push(cert.xpath("pki:certificate-id"))
      
  admin.appserverSetSslClientCertificateAuthorities(
	config,
  appservid,
	certId)