MarkLogic 9 Product Documentation
pki:get-certificate

pki:get-certificate(
   $template-id as xs:unsignedLong,
   $common-name as xs:string,
   $dns-name as xs:string?,
   $ip-addr as xs:string?
) as element(pki:certificate)?

Summary

This function returns the certificate for the specified template and host. The certificate data is returned in both PEM-encoded and XML formats. The common name must be specified. The DNS name and IP address are optional.

Parameters
template-id	The certificate template id for the certificate to be returned.
common-name	The common hostname (e.g., `myhost.company.com` or `company.com`) in the certificate.
dns-name	The DNS name in the certificate.
ip-addr	The IP address name in the certificate.

Example

  (: execute this against the security database :)
  xquery version "1.0-ml"; 
  import module namespace pki = "http://marklogic.com/xdmp/pki" 
      at "/MarkLogic/pki.xqy";
  import module namespace admin = "http://marklogic.com/xdmp/admin" 
      at "/MarkLogic/admin.xqy";

  declare namespace x509=  "http://marklogic.com/xdmp/x509";

  let $config := admin:get-configuration()
  let $hostname := admin:host-get-name(
                       $config, 
                       admin:host-get-id($config, xdmp:host-name()))

  for $tid in pki:get-template-ids()
  return
    pki:get-certificate($tid, $hostname, (), ())
      [x509:cert/x509:issuer/x509:commonName eq "mycert Certificate Authority"]

  (: Returns all of the certificates on the local host that were issued 
     by the "mycert" Certificate Authority. :)

Stack Overflow: Get the most useful answers to questions from the MarkLogic community, or ask your own question.

MarkLogic 9 Product Documentationpki:get-certificate

Summary

Example

MarkLogic 9 Product Documentation
pki:get-certificate