Loading TOC...

pki:generate-temporary-certificate-if-necessary

pki:generate-temporary-certificate-if-necessary(
   $template-id as xs:unsignedLong,
   $valid-for as xs:unsignedInt,
   $common-name as xs:string,
   $dns-name as xs:string?,
   $ip-addr as xs:string?
) as empty-sequence()

Summary

This function generates a new key pair and temporary certificate from the specified certificate template. If a temporary certificate already exists for the template, this function does nothing. If $dns-name or $ip-addr are specified, those portions of the template are replaced with the specified values. The certificate is inserted into the database. This is used to ensure that secure app servers are initially usable while waiting for signed certificates.

Parameters
$template-id The certificate template id to use for the creating the certificate.
$valid-for The number of days the certificate should be valid for
$common-name The common name to put into the template.
$dns-name The DNS name, if any, to substitute into the template.
$ip-addr The IP address, if any, to substitute into the template

Example

  (: execute this against the security database :)
  xquery version "1.0-ml"; 
  import module namespace pki = "http://marklogic.com/xdmp/pki" 
      at "/MarkLogic/pki.xqy";

  let $tid := pki:template-get-id(pki:get-template-by-name("test"))

  return
     pki:generate-temporary-certificate-if-necessary($tid, 150, "My.Host.com", (), ())

  (: Generates a temporary certificate, if one does not already exist for the template :)
  

Stack Overflow iconStack Overflow: Get the most useful answers to questions from the MarkLogic community, or ask your own question.