pki:get-certificate( $template-id as xs:unsignedLong, $common-name as xs:string, $dns-name as xs:string?, $ip-addr as xs:string? ) as element(pki:certificate)?
This function returns the certificate for the specified template and host. The certificate data is returned in both PEM-encoded and XML formats. The common name must be specified. The DNS name and IP address are optional.
(: execute this against the security database :) xquery version "1.0-ml"; import module namespace pki = "http://marklogic.com/xdmp/pki" at "/MarkLogic/pki.xqy"; import module namespace admin = "http://marklogic.com/xdmp/admin" at "/MarkLogic/admin.xqy"; declare namespace x509= "http://marklogic.com/xdmp/x509"; let $config := admin:get-configuration() let $hostname := admin:host-get-name( $config, admin:host-get-id($config, xdmp:host-name())) for $tid in pki:get-template-ids() return pki:get-certificate($tid, $hostname, (), ()) [x509:cert/x509:issuer/x509:commonName eq "mycert Certificate Authority"] (: Returns all of the certificates on the local host that were issued by the "mycert" Certificate Authority. :)