Codeunit CertificateRequest
Provides helper functionality for creating Certificate Signing Requests (CSR:s) and Self Signed Certificates.
Properties
| Name | Value |
|---|---|
| Access | Public |
| InherentEntitlements | X |
| InherentPermissions | X |
Methods
InitializeRSA
Initializes a new instance of RSACryptoServiceProvider with the specified key size and returns the key as an XML string.
[NonDebuggable]
procedure InitializeRSA(KeySize: Integer, IncludePrivateParameters: Boolean, var KeyAsXmlString: Text)Parameters
| Name | Type | Description |
|---|---|---|
| KeySize | Integer |
The size of the key in bits. |
| IncludePrivateParameters | Boolean |
True to include a public and private RSA key in KeyAsXmlString. False to include only the public key. |
| KeyAsXmlString | Text |
Returns an XML string that contains the key of the RSA object that was created. |
InitializeRSA
Initializes a new instance of RSACryptoServiceProvider with the specified key size and returns the key as an XML string.
procedure InitializeRSA(KeySize: Integer, IncludePrivateParameters: Boolean, var KeyAsXmlString: SecretText)Parameters
| Name | Type | Description |
|---|---|---|
| KeySize | Integer |
The size of the key in bits. |
| IncludePrivateParameters | Boolean |
True to include a public and private RSA key in KeyAsXmlString. False to include only the public key. |
| KeyAsXmlString | SecretText |
Returns an XML string that contains the key of the RSA object that was created. |
InitializeCertificateRequestUsingRSA
Initializes a new instance of the CertificateRequest with the specified parameters and the initialized RSA key.
procedure InitializeCertificateRequestUsingRSA(SubjectName: Text, HashAlgorithm: Enum "Hash Algorithm", RSASignaturePaddingMode: Enum "RSA Signature Padding")Parameters
| Name | Type | Description |
|---|---|---|
| SubjectName | Text |
The string representation of the subject name for the certificate or certificate request. |
| HashAlgorithm | Enum System.Security.Encryption."Hash Algorithm" |
The hash algorithm to use when signing the certificate or certificate request. |
| RSASignaturePaddingMode | Enum System.Security.Encryption."RSA Signature Padding" |
The RSA signature padding to apply if self-signing or being signed with an X509Certificate2. |
AddX509BasicConstraintToCertificateRequest
Adds a X509BasicConstraint to the Certificate Request. See https://learn.microsoft.com/dotnet/api/system.security.cryptography.x509certificates.x509basicconstraintsextension
procedure AddX509BasicConstraintToCertificateRequest(CertificateAuthority: Boolean, HasPathLengthConstraint: Boolean, PathLengthConstraint: Integer, Critical: Boolean)Parameters
| Name | Type | Description |
|---|---|---|
| CertificateAuthority | Boolean |
True if the certificate is from a certificate authority (CA). Otherwise, false. |
| HasPathLengthConstraint | Boolean |
True if the certificate has a restriction on the number of path levels it allows; otherwise, false. |
| PathLengthConstraint | Integer |
The number of levels allowed in a certificate's path. |
| Critical | Boolean |
True if the extension is critical. Otherwise, false. |
AddX509EnhancedKeyUsageToCertificateRequest
Adds a X509EnhancedKeyUsage to the Certificate Request. See https://learn.microsoft.com/dotnet/api/system.security.cryptography.x509certificates.x509enhancedkeyusageextension
procedure AddX509EnhancedKeyUsageToCertificateRequest(OidValues: List of [Text], Critical: Boolean)Parameters
| Name | Type | Description |
|---|---|---|
| OidValues | List of [Text] |
List of Oid values (for example '1.3.6.1.5.5.7.3.2') to add. |
| Critical | Boolean |
True if the extension is critical; otherwise, false. |
AddX509KeyUsageToCertificateRequest
Adds a X509KeyUsage to the certificate request. See https://learn.microsoft.com/dotnet/api/system.security.cryptography.x509certificates.x509keyusageextension
procedure AddX509KeyUsageToCertificateRequest(X509KeyUsageFlags: Integer, Critical: Boolean)Parameters
| Name | Type | Description |
|---|---|---|
| X509KeyUsageFlags | Integer |
The sum of all flag values that are to be added. See https://learn.microsoft.com/dotnet/api/system.security.cryptography.x509certificates.x509keyusageflags |
| Critical | Boolean |
True if the extension is critical; otherwise, false. |
CreateSigningRequest
Creates an ASN.1 DER-encoded PKCS#10 CertificationRequest and returns a Base 64 encoded string.
procedure CreateSigningRequest(var SigningRequestPemString: Text)Parameters
| Name | Type | Description |
|---|---|---|
| SigningRequestPemString | Text |
Returns the SigningRequest in Base 64 string format. |
GetX509CertificateRequestExtensionCount
Gets how many X509Extensions have been added to the X509CertificateRequest.
procedure GetX509CertificateRequestExtensionCount(): IntegerReturns
| Type | Description |
|---|---|
| Integer |
The number of added extensions. |
CreateSigningRequest
Creates an ASN.1 DER-encoded PKCS#10 CertificationRequest and returns it in an OutStream.
procedure CreateSigningRequest(SigningRequestOutStream: OutStream)Parameters
| Name | Type | Description |
|---|---|---|
| SigningRequestOutStream | OutStream |
OutStream. |
CreateSelfSigned
Creates a self-signed certificate using the established subject, key, and optional extensions.
procedure CreateSelfSigned(NotBefore: DateTime, NotAfter: DateTime, X509ContentType: Enum "X509 Content Type", var CertBase64Value: Text)Parameters
| Name | Type | Description |
|---|---|---|
| NotBefore | DateTime |
The oldest date and time when this certificate is considered valid. |
| NotAfter | DateTime |
The date and time when this certificate is no longer considered valid. |
| X509ContentType | Enum System.Security.Encryption."X509 Content Type" |
Specifies the format of an X.509 certificate. |
| CertBase64Value | Text |
Returns the certificate value encoded using the Base64 algorithm. |