Class KeyCert

constructor

• new KeyCert(
      name: string,
      key: string | AnyKey | undefined,
      cert: string | Certificate,
      ca?: typeof SELF_SIGNED | KeyCert,
  ): KeyCert

  Parameters

  • name: string
  • key: string | AnyKey | undefined
  • cert: string | Certificate
  • Optionalca: typeof SELF_SIGNED | KeyCert

  Returns KeyCert

Readonlyca

Readonlycert

Readonlykey

Readonlyname

certFile

• get certFile(): string | undefined

  The file name of the certificate. The file is encoded as PEM.

  Returns string | undefined

  The filename, or undefined if unknown.

chain

• get chain(): string

  The PEM-encoded full certificate chain, starting with this cert, then adding the CA cert if there is a CA.

  Returns string

issuer

• get issuer(): string

  Issuer DN string.

  Returns string

  A string of the form '/C=US'.

keyFile

• get keyFile(): string | undefined

  The account name of the key, stored under KEYCHAIN_SERVICE in the OS-specific keychain. This corresponds to the file name that the key used to be stored in. This file should no longer exist after the upgrade procedure runs.

  Returns string | undefined

  If known, the filename, otherwise undefined.

notAfter

• get notAfter(): Date

  Certificate not valid after this date.

  Returns Date

  Date constructed from X509.

notBefore

• get notBefore(): Date

  Certificate not valid before this date.

  Returns Date

  Date constructed from X509.

san

• get san(): GeneralName[] | undefined

  List of subjectAlternativeNames for the cert.

  Returns GeneralName[] | undefined

  Array of {dns: 'hostname'} or {ip: 'address'} objects.

serial

• get serial(): string

  Serial number of the cert.

  Returns string

  Hex string.

subject

• get subject(): string

  Subject name of the cert.

  Returns string

  String of the form '/CN=localhost'.

Staticlist

• list(
      opts: RequiredCommonCertOptions,
      log: Logger,
      ca?: typeof SELF_SIGNED | KeyCert,
  ): AsyncGenerator<KeyCert>

  Get all known certs in the given directory.

  Parameters

  • opts: RequiredCommonCertOptions

    Options, most important is dir.

  • log: Logger

    Logger.

  • Optionalca: typeof SELF_SIGNED | KeyCert

    If known, the CA, or SELF_SIGNED for CAs.

  Returns AsyncGenerator<KeyCert>

  Yields

  Already-read KeyCert instances.

StaticlistKeys

• listKeys(): AsyncGenerator<SecretEntry>

  List all known keys.

  Returns AsyncGenerator<SecretEntry>

  Yields

  Object with account name and pre-populated AsyncEntry for modifications.

Staticread

• read(
      opts: RequiredCommonCertOptions,
      name: string,
      log: Logger,
      ca?: typeof SELF_SIGNED | KeyCert,
  ): Promise<KeyCert | null>

  Read the cert file and the key from the keychain.

  Parameters

  • opts: RequiredCommonCertOptions

    Options. Most important is dir.

  • name: string

    Base name of the files, escaped for use as filenames. No suffix or directory.

  • log: Logger

    Logger.

  • Optionalca: typeof SELF_SIGNED | KeyCert

    If known, the CA. Use SELF_SIGNED for the CA.

  Returns Promise<KeyCert | null>

  KeyCert, or null if not found.

delete

• delete(opts?: Required<CommonCertOptions>, log?: Logger): Promise<void>

  Delete this key, if it isn't temporary.

  Parameters

  • Optionalopts: Required<CommonCertOptions>

    Options, of which temp is the most important.

  • Optionallog: Logger

    Logger.

  Returns Promise<void>

  Promise that completes when done deleting.

verify

• verify(): boolean

  Verify the certificate with its issuer. If no CA, returns false.

  Returns boolean

  True if valid.

write

• write(opts: RequiredCommonCertOptions, log: Logger): Promise<void>

  Save the cert file and key, unless this is temporary.

  Parameters

  • opts: RequiredCommonCertOptions

    Options, of which temp is the most important.

  • log: Logger

    Logger.

  Returns Promise<void>

  Promise that completes when writing is done.