pki:authority-create-host-certificate( $credential-id as xs:unsignedLong, $subject as element(x509:subject), $not-before as xs:dateTime, $not-after as xs:dateTime, $dns-name as xs:string?, $ip-addr as xs:string? ) as xs:string*
This function creates a host certificate, signed by the specified secure credential, and returns a PEM encoded host certificate and private key.
xquery version "1.0-ml"; import module namespace pki = "http://marklogic.com/xdmp/pki" at "/MarkLogic/pki.xqy"; declare namespace x509 = "http://marklogic.com/xdmp/x509"; let $tmp := pki:authority-create-host-certificate( xdmp:credential-id("acme-ca"), element x509:subject { element x509:countryName {"US"}, element x509:stateOrProvinceName {"California"}, element x509:localityName {"San Carlos"}, element x509:organizationName {"Acme Inc."}, element x509:organizationalUnitName {"Engineering"}, element x509:commonName {"www.eng.acme.com"}, element x509:emailAddress {"www-eng@acme.com"} }, fn:current-dateTime(), fn:current-dateTime() + xs:dayTimeDuration("P365D"), "www.eng.acme.com", "1.2.3.4") let $cert := $tmp[1] let $privkey := $tmp[2] return ( xdmp:x509-certificate-extract($cert), $cert, $privkey )
Stack Overflow: Get the most useful answers to questions from the MarkLogic community, or ask your own question.