Name
xenc_x509_ss_generate — Creates a self-signed X.509v3 certificate
Synopsis
xenc_x509_ss_generate ( |
in key_name varchar , |
| in serial integer , | |
| in validity integer , | |
| in subject vector , | |
in extensions vector
); |
Description
This function is used to create a self-signed X.509 certificate by given private key
Parameters
key_name
The name of the key used to create and sign the certificate
serial
The serial number
validity
Certificate's validity in days
subject
An array of name/value pairs representing the subject aka name enties
extensions
An array of name/value pairs to add as X.509v3 extensions to certificate
Examples
Example24.478.Self-signed certificate generation
The example below shows how could be created RSA private key, then self-signed certificate and finally to be stored in the user's key store.
...
xenc_key_RSA_create ('id_rsa', atoi (get_keyword ('num', params, '1024')));
xenc_x509_ss_generate ('id_rsa', sequence_next ('ca_id_rsa'), 365,
vector ('C', get_keyword ('c', params),
'O', get_keyword ('o', params),
'CN', get_keyword ('name', params),
'emailAddress', get_keyword ('email', params)),
vector ('authorityKeyIdentifier', 'keyid,issuer:always'));
USER_KEY_STORE (user, 'id_rsa', 'X.509', 2, '', xenc_pkcs12_export ('id_rsa', 'CA Certificate', ''));
...