4D v13.4

GENERATE CERTIFICATE REQUEST

Home

 
4D v13.4
GENERATE CERTIFICATE REQUEST

GENERATE CERTIFICATE REQUEST 


 

GENERATE CERTIFICATE REQUEST ( privKey ; certifRequest ; codeArray ; nameArray ) 
Parameter Type   Description
privKey  BLOB in BLOB containing the private key
certifRequest  BLOB in BLOB receiving the certificate request
codeArray  Longint array in Information code list
nameArray  String array in Name list

The GENERATE CERTIFICATE REQUEST command generates a certificate request at the PKCS format which can be directly used by certificate authorities such as Verisign(R) . The certificate plays an important part in the SSL secured protocol. It is sent to each browser connecting in SSL mode. It contains the “ID card” of the Web site (made from the information entered in the command), as well as its public key allowing the browsers to decrypt the received information. Furthermore, the certificate contains various information added by the certificate authority which guarantees its integrity.

Note: For more information on the SSL protocol use with 4D Web server, refer to the section Using SSL Protocol.

The certificate request uses keypairs generated with the command GENERATE ENCRYPTION KEYPAIR and contains various information. The certificate authority will generate its certificate combining this request with other parameters.

Pass in privKey a BLOB containing the private key generated with the command GENERATE ENCRYPTION KEYPAIR.

Pass in certifRequest an empty BLOB. Once the command has been executed, it contains the certificate request at the PKCS format. You can store this request in a text file, for example using the BLOB TO DOCUMENT command, to submit it to the certificate authority.

Warning: The private key is used to generate the request but should NOT be sent to the certificate authority.

The arrays codeArray (long integer) and nameArray (string) should be filled respectively with the code numbers and the information content required by the certificate authority.

The required codes and names may change according to the certificate authority and the certificate use. However, within a normal use of the certificate (Web server connections via SSL), the arrays should contain the following items:

Information to provide codeArray nameArray (Examples)
CommonName13www.4D.com
CountryName (two letters)14US
LocalityName15San Jose
StateOrProvinceName16California
OrganizationName174D, Inc.
OrganizationUnit18Web Administrator

The code and information content entering order does not matter, however the two arrays must be synchronized: if the third item of the codeArray contains the value 15 (locality name), the nameArray third item should contain this information, in our example San Jose.

Example  

A “Certificate request” form contains the six fields necessary for a standard certificate request. The Generate button creates a document on disk containing the certificate request. The “Privatekey.txt” document containing the private key (generated with the GENERATE ENCRYPTION KEYPAIR command) should be on the disk:



Here is the Generate button method:

  ` bGenerate Object Method
 
 C_BLOB($vbprivateKey;$vbcertifRequest)
 C_LONGINT($tableNum)
 ARRAY LONGINT($tLCodes;6)
 ARRAY STRING(80;$tSInfos;6)
 
 $tableNum:=Table(Current form table)
 For($i;1;6)
    $tSInfos{$i}:=Field($tableNum;$i)->
    $tLCodes{$i}:=$i+12
 End for
 If(Find in array($tSInfos;"")#-1)
    ALERT("All fields should be filled.")
 Else
    ALERT("Select your private key.")
    $vhDocRef:=Open document("")
    If(OK=1)
       CLOSE DOCUMENT($vhDocRef)
       DOCUMENT TO BLOB(Document;$vbprivateKey)
       GENERATE CERTIFICATE REQUEST($vbPrivateKey;$vbcertifRequest;$tLCodes;$tSInfos)
       BLOB TO DOCUMENT("Request.txt";$vbcertifRequest)
    Else
       ALERT("Invalid private key.")
    End if
 End if

 
PROPERTIES 

Product: 4D
Theme: Secured Protocol
Number: 691

 
INDEX

Alphabetical list of commands

 
HISTORY 

Created: 4D v6.7

 
SEE ALSO 

GENERATE ENCRYPTION KEYPAIR
Using SSL Protocol