Class TLSIdentity
TLSIdentity represents the identity information (Key pair and Certificates) used for setting up TLS Communication.
Inheritance
Implements
Inherited Members
Namespace: Couchbase.Lite.P2P
Assembly: Couchbase.Lite.dll
Syntax
public sealed class TLSIdentity : IDisposableRemarks
NOTE: This is an enterprise edition feature
Properties
| Improve this Doc View SourceCerts
The certificate chain as an array of X509Certificate2 objects.
Declaration
public X509Certificate2Collection Certs { get; }Property Value
| Type | Description |
|---|---|
| System.Security.Cryptography.X509Certificates.X509Certificate2Collection |
Remarks
NOTE: This is an enterprise edition feature
Expiration
The identity expiration date which is the expiration date of the first certificate in the chain.
Declaration
public DateTimeOffset Expiration { get; }Property Value
| Type | Description |
|---|---|
| System.DateTimeOffset |
Remarks
NOTE: This is an enterprise edition feature
Methods
| Improve this Doc View SourceCreateIdentity(Boolean, Dictionary<String, String>, Nullable<DateTimeOffset>, X509Store, String, String)
Create and store a client self-signed identity in a secure storage.The identity will be stored in the secure storage using the given label. The isServer tells that the certificate being created is a server or client certificate.The certificate attributes are optional.If the expiration date is not specified, the expiration date of the certificate will be 365 days. When creating a certificate, the common name attribute is required for creating a CSR. If the common name is not presented in the certificate, an exception will be thrown.
Declaration
public static TLSIdentity CreateIdentity(bool isServer, Dictionary<string, string> attributes, DateTimeOffset? expiration, X509Store store, string label, string labelMapDir)Parameters
| Type | Name | Description |
|---|---|---|
| System.Boolean | isServer | |
| System.Collections.Generic.Dictionary<System.String, System.String> | attributes | |
| System.Nullable<System.DateTimeOffset> | expiration | |
| System.Security.Cryptography.X509Certificates.X509Store | store | |
| System.String | label | |
| System.String | labelMapDir |
Returns
| Type | Description |
|---|---|
| TLSIdentity | A self-signed TLSIdentity. The identity is stored in the secure storage using the specified label. |
Remarks
NOTE: This is an enterprise edition feature
Exceptions
| Type | Condition |
|---|---|
| CouchbaseLiteException | CouchbaseLiteException will be thrown when the identity cannot be created. |
DeleteIdentity(X509Store, String, String)
Delete the identity of the given label or alias from the secure storage.
Declaration
public static void DeleteIdentity(X509Store store, string label, string labelMapDir)Parameters
| Type | Name | Description |
|---|---|---|
| System.Security.Cryptography.X509Certificates.X509Store | store | |
| System.String | label | |
| System.String | labelMapDir |
Remarks
NOTE: This is an enterprise edition feature
Exceptions
| Type | Condition |
|---|---|
| CouchbaseLiteException | CouchbaseLiteException will be thrown when the identity cannot be deleted. The error code will be determined during the technical design phase. |
Dispose()
Declaration
public void Dispose()Finalize()
Declaration
protected void Finalize()GetIdentity(X509Certificate2Collection)
Gets an identity that is based on the already created collection of certificates. The first certificate in the list must have a private key and be the leaf certificate.
Declaration
public static TLSIdentity GetIdentity(X509Certificate2Collection certs)Parameters
| Type | Name | Description |
|---|---|---|
| System.Security.Cryptography.X509Certificates.X509Certificate2Collection | certs |
Returns
| Type | Description |
|---|---|
| TLSIdentity | The constructed identity object based on the provided certificates |
Remarks
NOTE: This is an enterprise edition feature
Exceptions
| Type | Condition |
|---|---|
| System.ArgumentNullException | Thrown if |
| System.ArgumentException | Thrown if the certs collection is empty, or if the first cert does not contain a private key |
GetIdentity(X509Store, String, String)
Gets the pre-existing TLSIdentity for the given label out of the provided System.Security.Cryptography.X509Certificates.X509Store
Declaration
public static TLSIdentity GetIdentity(X509Store store, string label, string labelMapDir)Parameters
| Type | Name | Description |
|---|---|---|
| System.Security.Cryptography.X509Certificates.X509Store | store | The store that the certificate was saved into previously. It will be opened in read-only mode if it is not already open. |
| System.String | label | The label that the cert (and key on some platforms) was stored with |
| System.String | labelMapDir | The directory to save the label to certificate mapping data into. This directory needs
to be writable, and if |
Returns
| Type | Description |
|---|---|
| TLSIdentity | The previous saved identity object, or |
Remarks
NOTE: This is an enterprise edition feature
Exceptions
| Type | Condition |
|---|---|
| System.ArgumentNullException | Thrown if |
| System.ArgumentException | Thrown for any of the following situations:
|
ImportIdentity(X509Store, Byte[], String, String, String)
Imports and creates an identity from the given PKCS12 data containing private key, public key, and certificates. The imported identity will be securely stored in the X509Store. Note that the key data including the private key data will be temporarily in memory during the import operation.
Declaration
public static TLSIdentity ImportIdentity(X509Store store, byte[] pkc12Data, string password, string label, string labelMapDir)Parameters
| Type | Name | Description |
|---|---|---|
| System.Security.Cryptography.X509Certificates.X509Store | store | |
| System.Byte[] | pkc12Data | |
| System.String | password | |
| System.String | label | |
| System.String | labelMapDir |
Returns
| Type | Description |
|---|---|
| TLSIdentity |
Remarks
NOTE: This is an enterprise edition feature