wm.tn.security:getCertificateData
Retrieves certificate data from the Trading Networks database.
Input Parameters
certID | String (optional) The internal ID that uniquely identifies the certificate data that is to be retrieved. See the Usage Notes at the end of this service’s description for information about the relationship between the certID, ownerID, partnerID, and usage parameters. |
ownerID | String (optional) The internal partner ID of the owner of the certificates. See the Usage Notes at the end of this service’s description for information about the relationship between the certID, ownerID, partnerID, and usage parameters. |
partnerID | String (optional) The internal partner ID of the certificate owner’s partner. See the Usage Notes at the end of this service’s description for information about the relationship between the certID, ownerID, partnerID, and usage parameters. |
usage | String Specify how the certificate is used:  sign - A signing certificate for the owner to send digitally signed documents to the partner. decrypt - An encrypt certificate for the owner to send encrypted documents to the partner. ssl - A client SSL certificate for the owner to establish an SSL connection to the partner’s secure server. See the Usage Notes at the end of this service’s description for information about the relationship between the certID, ownerID, partnerID, and usage parameters. |
Output Parameters
certID | String The internal ID that uniquely identifies the certificate data that is retrieved. If the input parameter certID is specified, the same certID appears in the output pipeline. |
ownerID | String The internal partner ID of the owner of the certificates. |
partnerID | String The internal partner ID of the certificate owner’s partner. |
usage | String Indicates how the certificate is used: sign - A signing certificate for the owner to send digitally signed documents to the partner. decrypt - An encrypt certificate for the owner to send encrypted documents to the partner. ssl - A client SSL certificate for the owner to establish an SSL connection to the partner’s secure server. |
chainBytes | Object An array of byte arrays. Each byte array represents a java.security.cert.X509Certificate. The certificates are in node-to-root order. The first certificate in the array is the sign/decrypt/SSL client certificate. Each subsequent certificate is the certificate that was used to sign the previous certificate in the array. |
keyBytes | Object A byte array that represents the private key that is used to generate the certificate. |
expirationDate | Object The expiration date of the certificate. |
Usage Notes
If both
ownerID and
partnerID are specified, the certificate data is used for the purpose you specify in
usage. If
partnerID is
not specified (or no specific alternative certificate data is defined by the owner and the specified partner for the purpose you specify in
usage), the certificate data is used as a default certificate set for the owner and
all of the owner’s partners.
If
certID is specified,
ownerID,
partnerID, and
usage are ignored. If
certID is not specified, you must specify
ownerID,
partnerID, and
usage.
If
certID is not specified and a secondary certificate has been provided, this service switches the certificates when the primary certificate expires.