X509Certificate

external class X509Certificate(source)

Encapsulates an X509 certificate and provides read-only access to its information.

const { X509Certificate } = await import('node:crypto');

const x509 = new X509Certificate('{... pem encoded cert ...}');

console.log(x509.subject);

Since

v15.6.0

Constructors

Link copied to clipboard
constructor(buffer: BinaryLike)

Properties

Link copied to clipboard
val ca: Boolean

Will be \`true\` if this is a Certificate Authority (CA) certificate.

Link copied to clipboard

The SHA-1 fingerprint of this certificate.

Link copied to clipboard

The SHA-256 fingerprint of this certificate.

Link copied to clipboard

The SHA-512 fingerprint of this certificate.

Link copied to clipboard

A textual representation of the certificate's authority information access extension.

Link copied to clipboard

The issuer identification included in this certificate.

Link copied to clipboard

The issuer certificate or undefined if the issuer certificate is not available.

Link copied to clipboard

An array detailing the key usages for this certificate.

Link copied to clipboard

The public key KeyObject for this certificate.

Link copied to clipboard
val raw: Buffer

A Buffer containing the DER encoding of this certificate.

Link copied to clipboard

The serial number of this certificate.

Link copied to clipboard

The complete subject of this certificate.

Link copied to clipboard

The subject alternative name specified for this certificate.

Link copied to clipboard

The date/time from which this certificate is considered valid.

Link copied to clipboard

The date/time until which this certificate is considered valid.

Functions

Link copied to clipboard
fun checkEmail(email: String, options: X509CheckOptions = definedExternally): String?

Checks whether the certificate matches the given email address.

Link copied to clipboard
fun checkHost(name: String, options: X509CheckOptions = definedExternally): String?

Checks whether the certificate matches the given host name.

Link copied to clipboard
fun checkIP(ip: String): String?

Checks whether the certificate matches the given IP address (IPv4 or IPv6).

Link copied to clipboard

Checks whether this certificate was issued by the given otherCert.

Link copied to clipboard

Checks whether the public key for this certificate is consistent with the given private key.

Link copied to clipboard
fun toJSON(): String

There is no standard JSON encoding for X509 certificates. ThetoJSON() method returns a string containing the PEM encoded certificate.

Link copied to clipboard

Returns information about this certificate using the legacy certificate object encoding.

Link copied to clipboard
open override fun toString(): String

Returns the PEM-encoded certificate.

Link copied to clipboard
fun verify(publicKey: KeyObject): Boolean

Verifies that this certificate was signed by the given public key. Does not perform any other validation checks on the certificate.