The keystore object allows you to register client certificates with the player.
While CA packages (added using the
AddCAPackage() method) are persistent, individual certificates (added using the
AddClientCertificate() methods) are not; individual certificates must be registered with the certificate database after each reboot.
To create a keystore object, first load the
brightsign/keystore module using the
Require() method. Then create an instance of the keystore class.
Use this interface to add certificates to the certificate database.
Registers the specified CA certificate with the certificate database. Client certificates can be either self-signed or signed using a 3rd-party certificate issuer (Versign, DigiCert, etc.).
Adds the specified CA package file to the certificate database. The package name resides in the file and does not need to be the same as the filename. See the roKeyStore page for more information on generating CA packages.
Attempting to modify a CA package file that has been added to the database will invalidate it. If a package is invalidated, it will need to be removed from the database (using the r
emoveCaPackage() method) and added again.
Removes the specified CA package from the certificate database. Use the g
etCaPackagesInstalled() method to retrieve a list of package names in the database.
Returns a list of names of CA packages contained in the certificate database.
Registers a .p12 client certificate with the certificate database.
This interface represents a .p12 certificate file.
[DOMString] certificateFile: The file name and path of the .p12 client certificate
[DOMString] passphrase: A passphrase for the .p12 client certificate
[DOMString] obfuscatedPassphrase: An obfuscated passphrase for the .p12 client certificate
Provide the passphrase using either the "passphrase" or "obfuscated_passphrase" parameter (not both). We recommend using the "obfuscated_passphrase" in production environments, while the "passphrase" should be used for testing purposes only. Contact firstname.lastname@example.org to learn more about generating a key for obfuscation and storing it on the player.