Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
OpenXPKI::Server::NICEUsercContributed Perl DoOpenXPKI::Server::NICE::Local(3)

Name
       OpenXPKI::Server::NICE::Local

Description
       This module implements the OpenXPKI NICE	Interface using	the local
       crypto backend

Configuration
       The module does not require nor accept any configuration	options.

API Functions
   issueCertificate
       Issues a	certitficate, will autodetect the most current ca for the
       requested profile. Issuer can be	enforced by passing the	issuer alias
       as second parameter, the	certificates validity will be tailored to fit
       into the	CA validity window.

       Takes only the key information from the pkcs10 and requires subject,
       SAN and validity	to be given as context parameters.

   renewCertificate
       Currently only an alias for issueCertificate

   revokeCertificate
       Set the status field of the certificate table to
       "CRL_ISSUANCE_PENDING".

   checkForRevocation
       Queries the certifictes status from the local certificate datasbase.

   issueCRL
       Creates a crl for the given ca and pushes it into the database for
       publication.  Incremental CRLs are not supported.

       The first parameter must	be the ca-alias, the second parameter is as
       hash with options:

       crl_validity
	   OpenXPKI::DateTime relative date, overrides the profile validity.

       delta_crl
	   not supported yet.

       reason_code
	   List	of reason codes	to be included in the CRL (CRL Scope), default
	   is to include all reason codes.

       remove_expired
	   Boolean, if set, only certifcates with a notafter greater than now
	   are included	in the CRL, by default the CRL also lists expired
	   certificates.

   generateKey
       Calls the local API method generate_key,	input parameters are "drop in"
       compatible to the Tools::GenerateKey activity. The return value is a
       hash:

       pkey
	   The PEM encoded private key,	including header/footer	lines

       pubkey
	   The base64 encoded public key (no line breaks or headers)

       key_id
	   The key identifier, sha1 hash (uppercase hex) of pubkey, same
	   format as subject_key_id of PKCS10 and x509 classes.

   fetchKey
       Loads the private key from the datapool based on	the used key_id.

perl v5.32.0			  2020-08-29  OpenXPKI::Server::NICE::Local(3)

Name | Description | Configuration | API Functions

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=OpenXPKI::Server::NICE::Local&sektion=3&manpath=FreeBSD+12.2-RELEASE+and+Ports>

home | help