Operations: Server: How to Generate a Client Certificate


Syntax

public CreateClientCertificateOperation(string name, 
    Dictionary<string, DatabaseAccess> permissions, 
    SecurityClearance clearance, 
    string password = null)

public enum SecurityClearance
{
    ClusterAdmin,
    ClusterNode,
    Operator,
    ValidUser
}

public enum DatabaseAccess
{
    Read,
    ReadWrite,
    Admin
}
Parameters
name string Name of a certificate
permissions Dictionary<string, DatabaseAccess> Dictionary mapping databases to access level
clearance SecurityClearance Access level
password string Optional certificate password, default: no password
Return Value
RawData client certificate raw data

Example I

// With the security clearance set to Cluster Administrator or Operator,
// the user of this certificate will have access to all databases
CreateClientCertificateOperation operation = 
    new CreateClientCertificateOperation(
        "admin", null, SecurityClearance.Operator);
CertificateRawData certificateRawData = 
    store.Maintenance.Server.Send(operation);
byte[] cert = certificateRawData.RawData;

Example II

// When the security clearance is ValidUser, you must specify an access level for each database
CreateClientCertificateOperation operation = 
    new CreateClientCertificateOperation(
        "user1", new Dictionary<string, DatabaseAccess>
{
    { "Northwind", DatabaseAccess.Admin }
}, SecurityClearance.ValidUser, "myPassword");
CertificateRawData certificateRawData = 
    store.Maintenance.Server.Send(operation);
byte[] cert = certificateRawData.RawData;