mixin crypto::CertSigner
crypto::CertSigner
The CertSigner allows you to configure various options for signing a certificate from a CSR to generate a signed certifcate.
See RFC5280 for more information on configuring v3 extension values.
- authKeyId
-
abstract This authKeyId(Buf buf)Configure the Authority Key Identifier V3 extension
- basicConstraints
-
abstract This basicConstraints(Bool ca := false, Int? pathLenConstraint := null)Configure the Basic Constraints V3 extension
- ca
-
abstract This ca(PrivKey caPrivKey, Cert caCert)Configure the CA private key and public certificate. If this method is not called, then a self-signed certificate will be generated.
- extendedKeyUsage
-
abstract This extendedKeyUsage(Str[] oids)Configure the Extended Key Usage V3 extension.
- keyUsage
-
abstract This keyUsage(Buf bits)Configure the Key Usage V3 extension
- notAfter
-
abstract This notAfter(Date date)Configure the end date for the certificate validity period. The default value is 365 days from today.
- notBefore
-
abstract This notBefore(Date date)Configure the start date for the certificate valdity period. The default value is today.
- sign
-
abstract Cert sign()Generate the signed certificate based on the current configuration.
- signWith
-
abstract This signWith(Str:Obj opts)Configure the signature algorithm to sign the certificate with. This map is configured the same as a
Crypto.genCsr. By default, an implementation should choose a "strong" signing algorithm. - subjectAltName
-
abstract This subjectAltName(Obj name)Add a Subject Alternative Name to the certificate. This method may be called multiple times to add different SANs. The
namemay be one of the following types:Str: a DNS nameUri: a Uniform Resource Identifier nameIpAddr: an IP address name
- subjectKeyId
-
abstract This subjectKeyId(Buf buf)Configure the Subject Key Identifier V3 extenstion