Object built-in object

ObjectX509Crl

The X509Crl object iscryptoAn object in the module used to represent the X509 revocation certificate, that is, the certificate's revocation list. CA-related operations such as the verification of the X509 certificate chain will use the revocation list information.

X509Crl is incryptoModule declaration, so it can be introduced through the following code:

1
const crypto = require('crypto');

Users can load a certificate in DER or PEM format by creating a new X509Crl class object and calling the object's import method. You can use the clear method to clear the loaded revoked certificate list information and control the loading status to support repeated certificate loading work. Then you can use the nextUpdate method to get the next update time of the revocation list, call serials to get the certificate revocation serial number list, etc.

The following example demonstrates how to import a revocation certificate from a file and output its list to the console:

1 2 3 4 5 6 7 8 9 10 11 12
const crypto = require('crypto'); const fs = require('fs'); // load a PEM format CRL var pemFile = './mycrl.pem'; var pemText = fs.readFile(pemFile).toString(); var crl = new crypto.X509Crl(pemText); // output serials of revoked certificates for (var i = 0; i < crl.serials.length; i++) { console.log(crl.serials[i]); }

inheritance relationship

Constructor

X509Crl

X509Crl constructor

1
new X509Crl();

X509Crl constructor, loads a revocation certificate in DER format

1
new X509Crl(Buffer derCrl);

Call parameters:

  • derCrl:Buffer, revocation certificate in DER format

X509Crl constructor, loads a revocation certificate in PEM format

1
new X509Crl(String pemCrl);

Call parameters:

  • pemCrl: String, revocation certificate in PEM format

member properties

version

Integer, get the version of the certificate

1
readonly Integer X509Crl.version;

issuer

String, Gets the distinguished name of the certificate issuer

1
readonly String X509Crl.issuer;

serials

Array, get the list of certificate revocation serial numbers

1
readonly Array X509Crl.serials;

thisUpdate

Date, obtain the current update time of the certificate

1
readonly Date X509Crl.thisUpdate;

nextUpdate

Date, get the next update time of the certificate

1
readonly Date X509Crl.nextUpdate;

next

X509Crl, get the next certificate in the certificate chain

1
readonly X509Crl X509Crl.next;

member function

import

Load a revocation certificate in DER format, which can be called multiple times

1
X509Crl.import(Buffer derCrl);

Call parameters:

  • derCrl:Buffer, revocation certificate in DER format

Load a revocation certificate in PEM format, which can be called multiple times

1
X509Crl.import(String pemCrl);

Call parameters:

  • pemCrl: String, revocation certificate in PEM format

pem

Export loaded revocation certificate in PEM format

1
String X509Crl.pem(Boolean all = true);

Call parameters:

  • all: Boolean, specifies whether to output all certificates, the default is true

Return results:

  • String, export the revocation certificate chain as an array

der

Export the loaded revocation certificate in DER format

1
Buffer X509Crl.der();

Return results:

  • Buffer, export the revocation certificate chain as an array

clear

Clear loaded revocation certificates

1
X509Crl.clear();

toString

Returns the string representation of the object. Generally, "[Native Object]" is returned. The object can be re-implemented according to its own characteristics.

1
String X509Crl.toString();

Return results:

  • String, returns the string representation of the object

toJSON

Returns a JSON format representation of the object, generally returning a collection of readable properties defined by the object.

1
Value X509Crl.toJSON(String key = "");

Call parameters:

  • key: String, not used

Return results:

  • Value, returns a value containing JSON serializable