XQuery admin:appserver-set-ssl-client-issuer-authority-verification

admin.appserverSetSslClientIssuerAuthorityVerification

admin.appserverSetSslClientIssuerAuthorityVerification(
   config as element(configuration),
   appserver-id as (Number|String),
   value as Boolean
) as element(configuration)

Summary

This function determines whether the App Server only accepts client certificates signed directly by a selected CA in the Admin Interface or client certificates that have a parent CA that is indirectly signed by one or more ancestor CAs selected in the Admin Interface (same as prior to MarkLogic 9.0-8).

Parameters
config	A configuration specification, typically as returned from one of the Admin module functions.
appserver-id	The ID of the App Server. Typically, this is the result of an `admin:appserver-get-id` call.
value	Set to `fn:true()` to make the App Server only accept client certificates signed directly by a selected CA in the Admin Interface. Set to `fn:false()` to make the App Server accept client certificates that have a parent signer, along with all of its ancestor signers selected in the Admin Interface (same as prior to MarkLogic 9.0-8).

Required Privileges

This operation requires at least one of the following privileges:

http://marklogic.com/xdmp/privileges/admin/app-server-security

http://marklogic.com/xdmp/privileges/admin/app-server-security/{id}

http://marklogic.com/xdmp/privileges/admin/group-security

http://marklogic.com/xdmp/privileges/admin/group-security/{id}

Example

  
 
  const admin = require('/MarkLogic/admin.xqy');
  var config = admin.getConfiguration()
  admin.appserverGetSslClientIssuerAuthorityVerification(
                   config, 
                   admin.appserverGetId(config, (), "myAppServer"),
                   fn.true())