wm.tn.security:getAllCertificateData
Retrieves information about active and inactive certificates for a given combination of owner, partner, and usage.
Input Parameters
ownerID | String The internal partner ID of the owner of the certificates. |
partnerID | String (optional) The internal partner ID of the certificate owner’s partner. See the Usage Notes at the end of this service’s description for information about how the certificate data is used if partnerID is not specified. |
usage | String Specify one of the following values:  sign - The private key is used as a signing key for the owner to send digitally signed documents to the partner. The public key is used by the partner to verify the signed document. decrypt - The private key is used to decrypt the encrypted document sent to the owner from the partner. Public certificates are used to encrypt the document by the partner. ssl - The certificate is used as a client SSL certificate for the owner to establish an SSL connection to the partner's secure server. |
Output Parameters
certIData | Document List An array of IData objects each with the following fields: |
| Key | Description |
| certID | String The internal ID that uniquely identifies the certificate data that is retrieved. If the input parameter certID is specified, the same certID appears in the output pipeline. |
| ownerID | String The internal partner ID of the owner of the certificate. |
| partnerID | String The internal partner ID of the certificate owner’s partner. |
| usage | String Indicates how the certificate is used: sign - The private key is used as a signing key for the owner to send digitally signed documents to the partner. The public key is used by the partner to verify the signed document. decrypt - The private key is used to decrypt the encrypted document sent to the owner from the partner. Public certificates are used by the partner to encrypt the document. ssl - The certificate is used as a client SSL certificate for the owner to establish an SSL connection to the partner's secure server. |
| chainBytes | Object An array of byte arrays. Each byte array represents a java.security.cert.X509Certificate. The certificates are in node-to-root order. The first certificate in the array is the sign/decrypt/SSL client certificate. Each subsequent certificate is the certificate that was used to sign the previous certificate in the array. |
| keyBytes | Object A byte array that represents the private key that is used to generate the certificate. |
| expirationDate | String The expiration date of the certificate. |
| priority | String Identifies whether the certificate is the primary or secondary certificate, as follows: 0 - The certificate is the primary (active) certificate. 1 - The certificate is the secondary (inactive) certificate. |
| keyStoreAlias | String Alias for the keystore file associated with the certificate. Note:
Keystores apply only to Enterprise profiles. If you are adding certificate data for your Enterprise profile, supply a value for this parameter. If you are adding certificate data for a partner profile, leave this parameter blank. |
| keyAlias | String Configured private key alias in the specified keystore. Note:
Key aliases apply only to Enterprise profiles. If you are adding certificate data for a partner profile, specify the private key using keyBytes, not keyAlias. |
Usage Notes
If both
ownerID and
partnerID are specified, the certificate data is used for the purpose you specify in
usage. If
partnerID is not specified (or no specific alternative certificate data is defined by the owner and the specified partner for the purpose you specify in
usage), the certificate data is used as a default certificate set for the owner and all of the owner’s partners.