Operations: Server: How to Generate a Client Certificate
You can generate a client certificate using CreateClientCertificateOperation.
Syntax
public CreateClientCertificateOperation(string name,
Dictionary<string, DatabaseAccess> permissions,
SecurityClearance clearance,
string password = null)
public enum SecurityClearance
{
ClusterAdmin,
ClusterNode,
Operator,
ValidUser
}
public enum DatabaseAccess
{
ReadWrite,
Admin
}
Parameters |
|
|
name |
string |
Name of a certificate |
permissions |
Dictionary<string, DatabaseAccess> |
Dictionary with database to access level mapping |
clearance |
SecurityClearance |
Access level |
password |
string |
Optional certificate password, default: no password |
Return Value |
|
RawData |
client certificate raw data |
Example I
// With user role set to Cluster Administrator or Operator the user of this certificate
// is going to have access to all databases
CreateClientCertificateOperation operation =
new CreateClientCertificateOperation(
"admin", null, SecurityClearance.Operator);
CertificateRawData certificateRawData =
store.Maintenance.Server.Send(operation);
byte[] cert = certificateRawData.RawData;
Example II
// when security clearance is ValidUser, you need to specify per database permissions
CreateClientCertificateOperation operation =
new CreateClientCertificateOperation(
"user1", new Dictionary<string, DatabaseAccess>
{
{ "Northwind", DatabaseAccess.Admin }
}, SecurityClearance.ValidUser, "myPassword");
CertificateRawData certificateRawData =
store.Maintenance.Server.Send(operation);
byte[] cert = certificateRawData.RawData;