Operations: Server: How to Generate a Client Certificate


Usage

const cert1 = await store.maintenance.server.send(
    new CreateClientCertificateOperation([name], [permissions], [clearance], [password]));

SecurityClearance options:

  • UnauthenticatedClients
  • ClusterAdmin
  • ClusterNode
  • Operator
  • ValidUser

DatabaseAccess options:

  • ReadWrite
  • Admin
Parameters
name string Name of a certificate
permissions Record<string, DatabaseAccess> Record mapping databases to access level
clearance SecurityClearance Access level
password string Optional certificate password, default: no password
Return Value
RawData client certificate raw data

Example I

// With user role set to Cluster Administrator or Operator the user of this certificate
// is going to have access to all databases
const clientCertificateOperation = await store.maintenance.server.send(
    new CreateClientCertificateOperation("admin", {}, "Operator"));
const certificateRawData = clientCertificateOperation.rawData;

Example II

// when security clearance is ValidUser, you need to specify per database permissions

const clearance = {
    [store.database]: "ReadWrite"
};
    }

t clientCertificateOperation = await store.maintenance.server.send(
new CreateClientCertificateOperation("user1", clearance, "ValidUser", "myPassword"));
t certificateRawData = clientCertificateOperation.rawData;