KeystoreExtractorValve
Valve for creating items from the keystore loaded into PAS configuration.
Keystore attributes are added as item properties.
Properties
Attributes
Supports extraction of the following certificate attributes:
| Name | Description |
|---|---|
subject |
Certificate subject name |
issuer |
Certificate issuer name |
not_before |
Certificate not before value as an ISO date/time |
not_after |
Certificate not after value as an ISO date/time |
serial |
Serial number |
key_usage |
Key usage as a comma separated string of booleans (true/false) |
basic_contraints |
Basic constraints as int |
sign_algorithm |
Algorithm used for signing |
ext_key_usage |
Comma separated string of extended key usage values |
pub_key |
Certificate public key in PEM |
pub_key_algorithm |
Public key algorithm |
pub_key_format |
Public key algorithm (X.509) |
pub_key_type |
Public key type (RSA) |
pub_key_size |
Public key size (1024, 2048, etc) |
crl_distribution_points |
Comma separated list of CRL distribution points |
ocsp_locations |
Comma separated list of OCSP location |
ocsp_issuers |
Comma separated list of OCSP issuers |
san_otherName |
Subject Alternative Name - Other name |
san_rfc822Name |
Subject Alternative Name - Email |
san_dNSName |
Subject Alternative Name - DNS |
san_x400Address |
Subject Alternative Name -X.400 |
san_directoryName |
Subject Alternative Name - DirName |
san_ediPartyName |
Subject Alternative Name - EID |
san_uniformResourceIdentifier |
Subject Alternative Name - URL |
san_iPAddress |
Subject Alternative Name - IP address |
| san_registeredID |
Subject Alternative Name - OID |
Example Configuration
{
"name": "KeystoreExtractorValve",
"config": {
"attributes" : "subject,not_before,not_after"
}
}