7 Certificate Management Overview ToC Previous Next

7.7 Information Model for Push Certificate Management ToC Previous Next

7.7.6 CreateSigningRequest ToC Previous Next

CreateSigningRequest Method asks the Server to create a PKCS #10 DER encoded Certificate Request that is signed with the Server’s private key. This request can be then used to request a Certificate from a CA that expects requests in this format.

This Method requires an encrypted channel and that the Client provide credentials with administrative rights on the Server.

Signature

CreateSigningRequest(
[in]	NodeId certificateGroupId,
[in]	NodeId certificateTypeId,
[in]	String subjectName,
[in]	Boolean regeneratePrivateKey,
[in]	ByteString nonce,
[out]	ByteString certificateRequest
);

Argument Description
certificateGroupId The NodeId of the Certificate Group Object which is affected by the request.
If null the DefaultApplicationGroup is used.
certificateTypeId The type of Certificate being requested. The set of permitted types is specified by the CertificateTypes Property belonging to the Certificate Group.
subjectName The subject name to use in the Certificate Request.
If not specified the SubjectName from the current Certificate is used.
The format of the subjectName is defined in 7.6.4.
regeneratePrivateKey If TRUE the Server shall create a new Private Key which it stores until the matching signed Certificate is uploaded with the UpdateCertificate Method. Previously created Private Keys may be discarded if UpdateCertificate was not called before calling this method again. If FALSE the Server uses its existing Private Key.
nonce Additional entropy which the caller shall provide if regeneratePrivateKey is TRUE. It shall be at least 32 bytes long.
certificateRequest The PKCS #10 DER encoded Certificate Request.

Method Result Codes (defined in Call Service)

Result Code Description
Bad_InvalidArgument The certificateTypeId, certificateGroupId or subjectName is not valid.
Bad_UserAccessDenied The current user does not have the rights required.

Table 43 specifies the AddressSpace representation for the CreateSigningRequest Method.

Table 43 – CreateSigningRequest Method AddressSpace Definition

Attribute Value
BrowseName CreateSigningRequest
References NodeClass BrowseName DataType TypeDefinition ModellingRule
HasProperty Variable InputArguments Argument[] PropertyType Mandatory
HasProperty Variable OutputArguments Argument[] PropertyType Mandatory

Previous Next