Hi,
I need to develop a service(Flow or JAVA) that can list all the expired/expiring Client certificates.
Please suggest if anyone has worked for such requirement.
Thanks in advance.
Looks a good requirement to me, to start off explore - WmRoot/wm.server.security.certificate
I will come with more information, can you share a sample client certificate for me to test this requirement.
Thanks for the prompt reply. Though i am not much aware of the ‘certificate thing’, but i have created a service using some services from WmRoot Package, here are the details:
INVOKE wm.server.security.keystore:listTrustStoreAliases
LOOP over ‘/trustStoreAliasNames’
INVOKE pub.security.keystore:getTrustedCertificates
LOOP over ‘/certificates’
INVOKE wm.server.security.certificate:getCertificateInfo
and then append the data to a document list.
But here we have one problem, we want to only check for the certificates listed in:
Security > Certificates > Configure Client Certificates
where as the service is giving me all the certificate aliases from trust store:
Can be seen here : Security > Keystore > View Truststore Alias
Please suggest.
Its pretty simple and straight forward. I was expecting a sample client certificate from you but anyways I created one myself.
Use the below two services to get the client certificate information that is currently installed on your IS. I tested in v8 the same should work in v9 and above
Use wm.server.security.certificate:listMappings to list the installed client certificates on IS
Pass issuer, serialNum to wm.server.security.certificate:getDetailedInfo. This will list out all the details that you need.
Contact me for further assistance or questions.
Thanks Mahesh, it worked.