You are currently browsing legacy 4.1 version of documentation. Click here to switch to the newest 4.2 version.

We can help you with migration to the latest RavenDB

Contact Us Now
see on GitHub

Operations: Server: How to Generate a Client Certificate

You can generate a client certificate using CreateClientCertificateOperation.

Syntax

public CreateClientCertificateOperation(string name, 
    Dictionary<string, DatabaseAccess> permissions, 
    SecurityClearance clearance, 
    string password = null)

public enum SecurityClearance
{
    ClusterAdmin,
    ClusterNode,
    Operator,
    ValidUser
}

public enum DatabaseAccess
{
    ReadWrite,
    Admin
}

Parameters
name string Name of a certificate
permissions Dictionary<string, DatabaseAccess> Dictionary with database to access level mapping
clearance SecurityClearance Access level
password string Optional certificate password, default: no password
Return Value
RawData client certificate raw data

Example I

// With user role set to Cluster Administrator or Operator the user of this certificate 
// is going to have access to all databases
CreateClientCertificateOperation operation = 
    new CreateClientCertificateOperation(
        "admin", null, SecurityClearance.Operator);
CertificateRawData certificateRawData = 
    store.Maintenance.Server.Send(operation);
byte[] cert = certificateRawData.RawData;

Example II

// when security clearance is ValidUser, you need to specify per database permissions
CreateClientCertificateOperation operation = 
    new CreateClientCertificateOperation(
        "user1", new Dictionary<string, DatabaseAccess>
{
    { "Northwind", DatabaseAccess.Admin }
}, SecurityClearance.ValidUser, "myPassword");
CertificateRawData certificateRawData = 
    store.Maintenance.Server.Send(operation);
byte[] cert = certificateRawData.RawData;