Top

Name

xenc_pem_export — Export of a certificate and optionally private key in PEM format

Synopsis

xenc_pem_export ( in key_name varchar ,
  in pk_flag integer );
 

Description

The function is used to export certificate in PEM format, optionally it can export also private key (if present)

Parameters

key_name

The key name which keeps the certificate

pk_flag

A flag : 1 or 0, by default 0. It denotes to export or to skip exporting private key.

Examples

Example 24.481. Creating a certificate and exporting it in PEM format

The example below imports a client public key, then it creates a certificate and sign it with CA's private key and finally it exports the generated certificate in PEM format.

kname := xenc_SPKI_read (null, replace (get_keyword ('key', params), '\r\n', ''));
xenc_x509_generate (
    'id_rsa',
    kname,
    sequence_next ('ca_id_rsa'),
    365,
		vector (
			'CN', get_keyword ('name', params, name),
			'C',  get_keyword ('c', params, name),
			'O',  get_keyword ('o', params, name),
			'OU', get_keyword ('ou', params, name),
			'emailAddress', get_keyword ('email', params)
			),
		vector (
		  'subjectAltName',
		  'URI:'||webid,
		  'nsComment',
		  'Virtuoso Generated Certificate',
			'authorityKeyIdentifier',
			'keyid,issuer:always'));
cvalue := xenc_pem_export (kname);

Example 24.482. Export Web Server certificate for Virtuoso HTTPS endpoints

This example exports Web Server certificate generated for Virtuoso HTTPS Endpoint:

  1. Configure an HTTPS Listener for handling HTTPS requests from HTTP user agents (clients).

  2. Suppose the generate certificate from the previous step has name "https_key_localhost"

  3. To export the certificate, execute from iSQL:

    SQL> SELECT xenc_pem_export ('https_key_localhost');
    

    Figure 24.1. iSQL Export Web Server Sertificate Output

    iSQL Export Web Server Sertificate Output