Loading TOC...

pki:get-certificate

pki:get-certificate(
   $template-id as xs:unsignedLong,
   $common-name as xs:string,
   $dns-name as xs:string?,
   $ip-addr as xs:string?
) as element(pki:certificate)?

Summary

This function returns the certificate for the specified template and host. The certificate data is returned in both PEM-encoded and XML formats. The common name must be specified. The DNS name and IP address are optional.

Parameters
$template-id The certificate template id for the certificate to be returned.
$common-name The common hostname (e.g., myhost.company.com or company.com) in the certificate.
$dns-name The DNS name in the certificate.
$ip-addr The IP address name in the certificate.

Example

  (: execute this against the security database :)
  xquery version "1.0-ml"; 
  import module namespace pki = "http://marklogic.com/xdmp/pki" 
      at "/MarkLogic/pki.xqy";
  import module namespace admin = "http://marklogic.com/xdmp/admin" 
      at "/MarkLogic/admin.xqy";

  declare namespace x509=  "http://marklogic.com/xdmp/x509";

  let $config := admin:get-configuration()
  let $hostname := admin:host-get-name(
                       $config, 
                       admin:host-get-id($config, xdmp:host-name()))

  for $tid in pki:get-template-ids()
  return
    pki:get-certificate($tid, $hostname, (), ())
      [x509:cert/x509:issuer/x509:commonName eq "mycert Certificate Authority"]

  (: Returns all of the certificates on the local host that were issued 
     by the "mycert" Certificate Authority. :)
  

Stack Overflow iconStack Overflow: Get the most useful answers to questions from the MarkLogic community, or ask your own question.