Options
All
  • Public
  • Public/Protected
  • All
Menu

Class Certificate

X.509v3 Certificate.

Hierarchy

  • Certificate

Index

Constructors

Properties

Methods

Constructors

constructor

  • Creates an X.509 certificate from an ASN.1 object

    Parameters

    • obj: ASN1

      an ASN.1 object

    Returns Certificate

Properties

authorityKeyIdentifier

authorityKeyIdentifier: string

basicConstraintsValid

basicConstraintsValid: boolean

dnsNames

dnsNames: string[]

emailAddresses

emailAddresses: string[]

extensions

extensions: Extension[]

infoSignatureOID

infoSignatureOID: string

ipAddresses

ipAddresses: string[]

isCA

isCA: boolean

issuer

issuer: DistinguishedName

issuingCertificateURL

issuingCertificateURL: string

keyUsage

keyUsage: number

maxPathLen

maxPathLen: number

ocspServer

ocspServer: string

publicKey

publicKey: PublicKey

publicKeyRaw

publicKeyRaw: Buffer

raw

raw: Buffer

serialNumber

serialNumber: string

signature

signature: Buffer

signatureAlgorithm

signatureAlgorithm: string

signatureOID

signatureOID: string

subject

subject: DistinguishedName

subjectKeyIdentifier

subjectKeyIdentifier: string

tbsCertificate

tbsCertificate: ASN1

uris

uris: string[]

validFrom

validFrom: Date

validTo

validTo: Date

version

version: number

Methods

Protected __computed

  • __computed(_depth: any, options: any): string

  • Parameters

    • _depth: any
    • options: any

    Returns string

checkSignature

  • Returns null if a subject certificate is valid, or error if invalid. Note that it does not check validity time, DNS name, ip or others.

    Parameters

    Returns Error | null

getExtension

  • getExtension(name: string, key?: string): any

  • Gets an extension by its name or oid. If extension exists and a key provided, it will return extension[key].

    certificate.getExtension('keyUsage')
certificate.getExtension('2.5.29.15')
// => { oid: '2.5.29.15',
//      critical: true,
//      value: <Buffer 03 02 05 a0>,
//      name: 'keyUsage',
//      digitalSignature: true,
//      nonRepudiation: false,
//      keyEncipherment: true,
//      dataEncipherment: false,
//      keyAgreement: false,
//      keyCertSign: false,
//      cRLSign: false,
//      encipherOnly: false,
//      decipherOnly: false }
certificate.getExtension('keyUsage', 'keyCertSign') // => false

    Parameters

    • name: string

      extension name or OID

    • Default value key: string = ""

      key in extension

    Returns any

isIssuer

  • Returns true if this certificate's issuer matches the passed certificate's subject. Note that no signature check is performed.

    Parameters

    Returns boolean

toJSON

  • toJSON(): any

  • Return a friendly JSON object for debuging.

    Returns any

verifySubjectKeyIdentifier

  • verifySubjectKeyIdentifier(): boolean

  • Verifies the subjectKeyIdentifier extension value for this certificate against its public key.

    Returns boolean

Static fromPEM

  • Parse an X.509 certificate from PEM formatted buffer.

    Parameters

    • data: Buffer

      PEM formatted buffer

    Returns Certificate

Static fromPEMs

  • Parse one or more X.509 certificates from PEM formatted buffer. If there is no certificate, it will throw error.

    Parameters

    • data: Buffer

      PEM formatted buffer

    Returns Certificate[]

Generated using TypeDoc