Class SSL.Constants.CertificatePair
- Description
A chain of X509 certificates with corresponding private key.
It also contains some derived metadata.
- Variable cert_type
int SSL.Constants.CertificatePair.cert_type
- Description
Cerificate type for the leaf cert.
One of the AUTH_* constants.
- Variable certs
array(string(8bit)) SSL.Constants.CertificatePair.certs
- Description
Chain of certificates, root cert last.
- Variable globs
array(string(8bit)) SSL.Constants.CertificatePair.globs
- Description
Array of commonName globs from the first certificate in certs.
- Variable issuers
array(string(8bit)) SSL.Constants.CertificatePair.issuers
- Description
Array of DER for the issuers matching certs.
- Variable ke_mask
int(0..) SSL.Constants.CertificatePair.ke_mask
- Description
Bitmask of the key exchange algorithms supported by the main certificate. This is used for TLS 1.1 and earlier.
- See also
- Variable ke_mask_invariant
int(0..) SSL.Constants.CertificatePair.ke_mask_invariant
- Description
Bitmask of the key exchange algorithms supported by the main certificate. This is the same as ke_mask, but unified with respect to KE_dh_dss/KE_dh_rsa and KE_ecdh_ecdsa/KE_ecdh_rsa, as supported by TLS 1.2 and later.
- Variable key
Crypto.Sign.State SSL.Constants.CertificatePair.key
- Description
Private key.
- Variable sign_algs
array(array(HashAlgorithm|SignatureAlgorithm)) SSL.Constants.CertificatePair.sign_algs
- Description
TLS 1.2-style hash and signature pairs matching the certs.
- Method create
SSL.Constants.CertificatePair SSL.Constants.CertificatePair(Crypto.Sign.State key, array(string(8bit)) certs, array(string(8bit))|void extra_name_globs)
- Description
Initializa a new CertificatePair.
- Parameter key
Private key.
- Parameter certs
Chain of certificates, root cert last.
- Parameter extra_globs
The set of globs from the first certificate is optionally extended with these.
- Note
Performs various validation checks.