CertMgr Class
Properties Methods Events Configuration Settings Errors
The CertMgr component is used to manage the digital certificates installed on a system.
Class Name
IPWorksAuth_CertMgr
Procedural Interface
ipworksauth_certmgr_open(); ipworksauth_certmgr_close($res); ipworksauth_certmgr_register_callback($res, $id, $function); ipworksauth_certmgr_get_last_error($res); ipworksauth_certmgr_get_last_error_code($res); ipworksauth_certmgr_set($res, $id, $index, $value); ipworksauth_certmgr_get($res, $id, $index); ipworksauth_certmgr_do_config($res, $configurationstring); ipworksauth_certmgr_do_createcertificate($res, $certsubject, $serialnumber); ipworksauth_certmgr_do_createkey($res, $keyname); ipworksauth_certmgr_do_deletecertificate($res); ipworksauth_certmgr_do_deletekey($res, $keyname); ipworksauth_certmgr_do_exportcertificate($res, $pfxfile, $password); ipworksauth_certmgr_do_generatecsr($res, $certsubject, $keyname); ipworksauth_certmgr_do_importcertificate($res, $pfxfile, $password, $subject); ipworksauth_certmgr_do_importsignedcsr($res, $signedcsr, $keyname); ipworksauth_certmgr_do_issuecertificate($res, $certsubject, $serialnumber); ipworksauth_certmgr_do_listcertificatestores($res); ipworksauth_certmgr_do_listkeys($res); ipworksauth_certmgr_do_listmachinestores($res); ipworksauth_certmgr_do_liststorecertificates($res); ipworksauth_certmgr_do_readcertificate($res, $filename); ipworksauth_certmgr_do_reset($res); ipworksauth_certmgr_do_savecertificate($res, $filename); ipworksauth_certmgr_do_showcertificatechain($res); ipworksauth_certmgr_do_signcsr($res, $csr, $serialnumber);
Remarks
The class methods, such as ListCertificateStores or ListStoreCertificates, are used to list certificate stores and certificates. The corresponding lists are returned via the StoreList and CertList events. Encoded certificates are provided through the events.
You can load a certificate by setting the Cert property of the class, then you can get information about the certificate through the corresponding fields of the Cert property (described below).
The CertSubject, CertSerialNumber, and CertIssuer properties identify the certificate. The CertEffectiveDate and CertExpirationDate show the time boundaries of the certificate.
CertPublicKey, CertPublicKeyAlgorithm, CertPublicKeyLength, and CertVersion provide information about the certificate keys and the certificate format (version).
CertUsageFlags specifies the intended usage of the certificate. The CertUsage property provides a text description of these flags.
Property List
The following is the full list of the properties of the class with short descriptions. Click on the links for further details.
CertEffectiveDate | The date which this certificate becomes valid. |
CertEncoded | The certificate (PEM/base64 encoded). |
CertExpirationDate | The date the certificate expires. |
CertExtendedKeyUsage | A comma-delimited list of extended key usage identifiers. |
CertFingerprint | The hex-encoded, 16-byte MD5 fingerprint of the certificate. |
CertIssuer | The issuer of the certificate. |
CertKeyPassword | The password for the certificate's private key (if any). |
CertPrivateKey | The private key of the certificate (if available). |
CertPrivateKeyAvailable | Shows whether a PrivateKey is available for the selected certificate. |
CertPrivateKeyContainer | The name of the PrivateKey container for the certificate (if available). |
CertPublicKey | The public key of the certificate. |
CertPublicKeyAlgorithm | Textual description of the public key algorithm of the certificate. |
CertPublicKeyLength | The length of the certificate public key (in bits). |
CertSerialNumber | The serial number of the certificate encoded as a string. |
CertSignatureAlgorithm | Text description of the signature algorithm of the certificate. |
CertSubject | The subject of the certificate used for client authentication. |
CertSubjectAltNames | A comma-separated lists of alternative subject names of the certificate. |
CertThumbprintMD5 | MD5 hash of the certificate. |
CertThumbprintSHA1 | SHA1 hash of the certificate. |
CertUsage | Text description of UsageFlags . |
CertUsageFlags | Flags that show intended use for the certificate. |
CertVersion | The certificate's version number. |
CertExtensionCount | The number of records in the CertExtension arrays. |
CertExtensionCritical | Whether or not the extension is defined as critical. |
CertExtensionOID | The ASN. |
CertExtensionValue | The raw value of this certificate extension. |
CertStore | The certificate store to search for certificates. |
CertStorePassword | The password for the certificate store (if any). |
CertStoreType | The type of certificate store for CertStore . |
Method List
The following is the full list of the methods of the class with short descriptions. Click on the links for further details.
Config | Sets or retrieves a configuration setting . |
CreateCertificate | Creates a new self-signed certificate in the current store. |
CreateKey | Creates a new keyset associated with the provided name. |
DeleteCertificate | Deletes the currently selected certificate from the store. |
DeleteKey | Deletes the keyset associated with the provided name. |
ExportCertificate | Saves the current certificate to a PFX file. |
GenerateCSR | Generates a new CSR to be sent to a signing authority. |
ImportCertificate | Imports a certificate from a PFX file into the current certificate store. |
ImportSignedCSR | Imports a signed CSR. |
IssueCertificate | Creates a new certificate in the current store, signed by the selected certificate. |
ListCertificateStores | Lists certificate stores. |
ListKeys | List keysets in a CSP. |
ListMachineStores | List machine certificate stores. |
ListStoreCertificates | List certificates in a store. |
ReadCertificate | Loads a certificate from a file. |
Reset | Resets all certificate properties to their default values. |
SaveCertificate | Saves the current certificate to a file. |
ShowCertificateChain | Show certificate chain. |
SignCSR | Creates a signed certificate from a CSR. |
Event List
The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.
CertChain | Shows the certificate chain for the certificate (see the ShowCertificateChain method). |
CertList | Lists the certificates in a store (see the ListStoreCertificates method). |
Error | Information about errors during data delivery. |
KeyList | Lists the keysets in a CSP (see the ListKeys method). |
StoreList | Lists the system certificate stores (see the ListCertificateStores and ListMachineStores methods). |
Configuration Settings
The following is a list of configuration settings for the class with short descriptions. Click on the links for further details.
CertComment | A comment to include in a saved certificate. |
CertCustomExtensionCount | The number of records in the CertCustomExtension arrays. |
CertCustomExtensionCritical[i] | Whether or not the extension is defined as critical. |
CertCustomExtensionOID[i] | The ASN of the extension at index 'i'. |
CertCustomExtensionValue[i] | The raw value of the extension at index 'i'. |
CertificateOutputFormat | The format of the certificate to save. |
CertKeyLength | The public key length for created certificates and keys. |
CertKeyType | The types of keys created for new certificates. |
CertSignatureAlgorithm | The signature algorithm used when creating certificates. |
CertValidityTime | The validity period for the certificate. |
CSP | The Cryptographic Service Provider. |
ImportCertAction | Specified the action to take if a matching certificate or a link to a matching certificate already exists. |
KeyFormat | How the public and private key are formatted. |
ReplaceKey | Whether or not to replace an existing key when creating a new key. |
CodePage | The system code page used for Unicode to Multibyte translations. |