Language
C# Java
Article For
5.3

Operations: Server: How to Generate a Client Certificate

You can generate a client certificate using CreateClientCertificateOperation.

Usage

const cert1 = await store.maintenance.server.send(
    new CreateClientCertificateOperation([name], [permissions], [clearance], [password]));

export type SecurityClearance =
    "UnauthenticatedClients"
    | "ClusterAdmin"
    | "ClusterNode"
    | "Operator"
    | "ValidUser";

export type DatabaseAccess =
    "ReadWrite"
    | "Admin";
Parameters
name string Name of a certificate
permissions Record<string, DatabaseAccess> Record mapping databases to access level
clearance SecurityClearance Access level
password string Optional certificate password, default: no password
Return Value
RawData client certificate raw data

Example I

// With user role set to Cluster Administrator or Operator the user of this certificate
// is going to have access to all databases
const clientCertificateOperation = await store.maintenance.server.send(
    new CreateClientCertificateOperation("admin", {}, "Operator"));
const certificateRawData = clientCertificateOperation.rawData;

Example II

// when security clearance is ValidUser, you need to specify per database permissions

const clearance = {
    [store.database]: "ReadWrite"
};
    }

t clientCertificateOperation = await store.maintenance.server.send(
new CreateClientCertificateOperation("user1", clearance, "ValidUser", "myPassword"));
t certificateRawData = clientCertificateOperation.rawData;