sslutils v14
sslutils
is a Postgres extension that provides SSL certificate generation functions to EDB Postgres Advanced Server for use by the EDB Postgres Enterprise Manager server. sslutils
is installed by using the edb-asxx-server-sslutils
RPM package where xx
is the EDB Postgres Advanced Server version number.
The sslutils
package provides the functions shown in the following sections.
In these sections, each parameter in the function’s parameter list is described by parameter n
under the Parameters subsection where n
refers to the nth
ordinal position (for example, first, second, third, etc.) within the function’s parameter list.
openssl_rsa_generate_key
The openssl_rsa_generate_key
function generates an RSA private key. The function signature is:
When invoking the function, pass the number of bits as an integer value; the function returns the generated key.
openssl_rsa_key_to_csr
The openssl_rsa_key_to_csr
function generates a certificate signing request (CSR). The signature is:
The function generates and returns the certificate signing request.
Parameters
parameter 1
The name of the RSA key file.
parameter 2
The common name (e.g., agentN
) of the agent to use the signing request.
parameter 3
The name of the country in which the server resides.
parameter 4
The name of the state in which the server resides.
parameter 5
The location (city) within the state in which the server resides.
parameter 6
The name of the organization unit requesting the certificate.
parameter 7
The email address of the user requesting the certificate.
openssl_csr_to_crt
The openssl_csr_to_crt
function generates a self-signed certificate or a certificate authority certificate. The signature is:
The function returns the self-signed certificate or certificate authority certificate.
Parameters
parameter 1
The name of the certificate signing the request.
parameter 2
The path to the certificate authority certificate, or NULL
if generating a certificate authority certificate.
parameter 3
The path to the certificate authority’s private key or (if argument 2
is NULL
) the path to a private key.
openssl_rsa_generate_crl
The openssl_rsa_generate_crl
function generates a default certificate revocation list. The signature is: