Namespace: x509

$.security. x509

The textual representation of certificate attributes is different in the crypto toolkits (openssl, commoncrypto). Use this API always if you persit certificate strings, e.g. SQL identity mapping creation, SAML provider creation, etc. It uses the runtime parser which ensures consistent behaviour.
Namespace: x509

Example

// Example certificate only
var data = "-----BEGIN CERTIFICATE-----" +
   "MIIEVjCCAz6gAwIBAgIJAKZmSWxYxVmGMA0GCSqGSIb3DQEBBQUAMHkxCzAJBgNV" +
   "BAYTAkRFMRAwDgYDVQQIEwdHZXJtYW55MREwDwYDVQQHEwhXYWxsZG9yZjEPMA0G" +
   "A1UEChMGU0FQIEFHMREwDwYDVQQLEwhTQVAgSEFOQTEhMB8GA1UEAxMYU0FQIEFH" +
   "IEhBTkEgVGVzdCBSb290IENBMCAXDTExMDkxOTEzMzIyN1oYDzIyODUwNzA0MTMz" +
   "MjI3WjB5MQswCQYDVQQGEwJERTEQMA4GA1UECBMHR2VybWFueTERMA8GA1UEBxMI" +
   "V2FsbGRvcmYxDzANBgNVBAoTBlNBUCBBRzERMA8GA1UECxMIU0FQIEhBTkExITAf" +
   "BgNVBAMTGFNBUCBBRyBIQU5BIFRlc3QgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEB" +
   "BQADggEPADCCAQoCggEBAMoZM4HuzcmXbj7N0VDXr6FXuWyD9j1uDxS3pPonvP/h" +
   "Z5EafZ9jdyxBDyIzqJWugx2rO3oVkDCtdYrzUoqrnhvNTUbAZ3FoNd397bpkzCNh" +
   "D1B46W3ELm56690eg8I73cbuAhEUDj8zQeGKToo71qAauqCROngTuKCRTp8FrNHb" +
   "f2OonYndcY5oKxJ4pHbeD8ix+bOSb1BPDgHDLw3eW0Qp2VaZNC/yE0wcIHekNxC9" +
   "kIpX4tFyd2/l9f4BVC9ekYxiT8bjMAfuOnoqxCqREGLGfGisemXmGhNLDcQANcx7" +
   "14ogtQjMujufelXZM9g2eYn2X72pmvA8CCWhcCCWJiMCAwEAAaOB3jCB2zAdBgNV" +
   "HQ4EFgQUZO02ujB7wvW2+GmMsFAydAAnbXswgasGA1UdIwSBozCBoIAUZO02ujB7" +
   "wvW2+GmMsFAydAAnbXuhfaR7MHkxCzAJBgNVBAYTAkRFMRAwDgYDVQQIEwdHZXJt" +
   "YW55MREwDwYDVQQHEwhXYWxsZG9yZjEPMA0GA1UEChMGU0FQIEFHMREwDwYDVQQL" +
   "EwhTQVAgSEFOQTEhMB8GA1UEAxMYU0FQIEFHIEhBTkEgVGVzdCBSb290IENBggkA" +
   "pmZJbFjFWYYwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAmkeX+Z3h" +
   "XBXAWKg+sqorBqoT3MZHX02kJggfx2WS+OSGIHeLDoJVQ/1t3vjS6E3IXzndEBVA" +
   "xBXBQSPhTC7Cjv7+vIH+UCmA3i8x/qQs80vGlfXsAX1T29U373ngAO3/MieTlxtn" +
   "CCDSJTmjuiaH1JZTyIddBQLr5nbkYm92jsAIF6qDSy5l74pQIOAUqiRmOGq50Fwz" +
   "s84/8E+vNWSI/1lzS95aZJcNQPhs6dyOto1CGjoxf/745UmpIm7rYUsclpz7k737" +
   "zn2Q+T5Og6ozD1WgUYsegJl3W2gNznEj66Ku1SDDzR0POjCnfK5xLt1WE5KBAIav" +
   "1SSbSTsw6rCRdg==" +
   "-----END CERTIFICATE-----";
try {
    // parse out the subject from the certificate
    var subject = $.security.x509.getSubject(data);
    // parse out the issuer from the certificate
    var issuer  = $.security.x509.getIssuer(data);
    // expected string of subject/issuer
    var expected = "CN=SAP AG HANA Test Root CA, OU=SAP HANA, O=SAP AG, L=Walldorf, SP=Germany, C=DE";
    if(subject === expected && issuer === expected) {
        $.response.setBody("OK");
    } else {
        $.response.setBody("Unexpected");
    }
} catch (exc) {
    $.response.setBody("Expection");
}

Methods

getIssuer(data) → {String}

Parse a X509 certificate and return the Issuer as string
Parameters:
Name Type Description
data String | ArrayBuffer String or binary data of certificate to be parsed. The certificate can be PEM (with or without header) or DER encoded.
Throws:
Throws an error if the input parameters are invalid
Returns:
Type
String

getSubject(data) → {String}

Parse a X509 certificate and return the Subject as string
Parameters:
Name Type Description
data String | ArrayBuffer String or binary data of certificate to be parsed. The certificate can be PEM (with or without header) or DER encoded.
Throws:
Throws an error if the input parameters are invalid
Returns:
Type
String