keystore

the keystore object allows you to register client certificates with the player while ca packages (added using the addcapackage() method) are persistent, individual certificates (added using the addcacertificate() and addclientcertificate() methods) are not; individual certificates must be registered with the certificate database after each reboot you can’t access certificates that were added to the keystore using javascript or brightscript developers wanting to use a certificate with their java application will have to access it directly from their application keystore idl interface keystore { promise\<void> addcacertificate(string filename); promise\<void> addcapackage(string filename); promise\<void> removecapackage(string filename); promise\<packagelist> getcapackagesinstalled(); promise\<void> addclientcertificate(clientcertificateobject object); }; interface clientcertificateobject { attribute string certificatefile; attribute string passphrase; attribute string obfuscatedpassphrase; }; object creation to create a keystore object, first load the brightsign/keystore module using the require() method then create an instance of the keystore class var keystoreclass = require("@brightsign/keystore"); var keystore = new keystoreclass(); keystore use this interface to add certificates to the certificate database addcacertificate() promise<> addcacertificate(domstring filename) registers the specified ca certificate with the certificate database client certificates can be either self signed or signed using a 3rd party certificate issuer (versign, digicert, etc ) chromium version 69 or later will refuse sha 1 certificates see this page for more information addcapackage() promise<> addcapackage(domstring filename) adds the specified ca package file to the certificate database the package name resides in the file and does not need to be the same as the filename see the rokeystore docid\ ghsznw9es8temurqxq du page for more information on generating ca packages attempting to modify a ca package file that has been added to the database will invalidate it if a package is invalidated, it will need to be removed from the database (using the removecapackage() method) and added again removecapackage() promise\<packagelist> getcapackagesinstalled() removes the specified ca package from the certificate database use the g etcapackagesinstalled() method to retrieve a list of package names in the database getcapackagesinstalled() promise\<packagelist> getcapackagesinstalled() returns a list of names of ca packages contained in the certificate database addclientcertificate() promise<> addclientcertificate(clientcertificateobject object) registers a p12 client certificate with the certificate database clientcertificateobject this interface represents a p12 certificate file certificatefile string string the file name and path of the p12 client certificate passphrase string string a passphrase for the p12 client certificate obfuscatedpassphrase string string an obfuscated passphrase for the p12 client certificate only one of obfuscatedpassphrase and passphrase is required, and obfuscatedpassphrase takes priority if both are present we recommend using obfuscated passphrase in production environments, while passphrase should be used for testing purposes only contact support\@brightsign biz mailto\ support\@brightsign biz to learn more about generating a key for obfuscation and storing it on the player example ksf = require('@brightsign/keystore'); k = new ksf() k addcapackage("/storage/sd/example bsca") then(() => console log('ok'), () => console log('failed')) k getcapackagesinstalled() then((pkgs) => console log(pkgs)) k removecapackage('example') then(() => console log('ok'), () => console log('failed'))