ObjectX509Crl
The X509Crl object iscryptoAn object in the module used to represent the X509 revocation certificate, that is, the certificate's revocation list. CA-related operations such as the verification of the X509 certificate chain will use the revocation list information.
X509Crl is incryptoModule declaration, so it can be introduced through the following code:
1const crypto = require('crypto');
Users can load a certificate in DER or PEM format by creating a new X509Crl class object and calling the object's import method. You can use the clear method to clear the loaded revoked certificate list information and control the loading status to support repeated certificate loading work. Then you can use the nextUpdate method to get the next update time of the revocation list, call serials to get the certificate revocation serial number list, etc.
The following example demonstrates how to import a revocation certificate from a file and output its list to the console:
1
2
3
4
5
6
7
8
9
10
11
12const crypto = require('crypto');
const fs = require('fs');
// load a PEM format CRL
var pemFile = './mycrl.pem';
var pemText = fs.readFile(pemFile).toString();
var crl = new crypto.X509Crl(pemText);
// output serials of revoked certificates
for (var i = 0; i < crl.serials.length; i++) {
console.log(crl.serials[i]);
}
inheritance relationship
Constructor
X509Crl
X509Crl constructor
1new X509Crl();
X509Crl constructor, loads a revocation certificate in DER format
1new X509Crl(Buffer derCrl);
Call parameters:
- derCrl:Buffer, revocation certificate in DER format
X509Crl constructor, loads a revocation certificate in PEM format
1new X509Crl(String pemCrl);
Call parameters:
- pemCrl: String, revocation certificate in PEM format
member properties
version
Integer, get the version of the certificate
1readonly Integer X509Crl.version;
issuer
String, Gets the distinguished name of the certificate issuer
1readonly String X509Crl.issuer;
serials
Array, get the list of certificate revocation serial numbers
1readonly Array X509Crl.serials;
thisUpdate
Date, obtain the current update time of the certificate
1readonly Date X509Crl.thisUpdate;
nextUpdate
Date, get the next update time of the certificate
1readonly Date X509Crl.nextUpdate;
next
X509Crl, get the next certificate in the certificate chain
1readonly X509Crl X509Crl.next;
member function
import
Load a revocation certificate in DER format, which can be called multiple times
1X509Crl.import(Buffer derCrl);
Call parameters:
- derCrl:Buffer, revocation certificate in DER format
Load a revocation certificate in PEM format, which can be called multiple times
1X509Crl.import(String pemCrl);
Call parameters:
- pemCrl: String, revocation certificate in PEM format
pem
Export loaded revocation certificate in PEM format
1String X509Crl.pem(Boolean all = true);
Call parameters:
- all: Boolean, specifies whether to output all certificates, the default is true
Return results:
- String, export the revocation certificate chain as an array
der
Export the loaded revocation certificate in DER format
1Buffer X509Crl.der();
Return results:
- Buffer, export the revocation certificate chain as an array
clear
Clear loaded revocation certificates
1X509Crl.clear();
toString
Returns the string representation of the object. Generally, "[Native Object]" is returned. The object can be re-implemented according to its own characteristics.
1String X509Crl.toString();
Return results:
- String, returns the string representation of the object
toJSON
Returns a JSON format representation of the object, generally returning a collection of readable properties defined by the object.
1Value X509Crl.toJSON(String key = "");
Call parameters:
- key: String, not used
Return results:
- Value, returns a value containing JSON serializable