Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Updated as per DOCS-451

The keystore object allows you to register client certificates with the player.

While CA packages (added using the AddCAPackage() method) are persistent, individual certificates (added using the AddCACertificate() and AddClientCertificate() methods) are not; individual certificates must be registered with the certificate database after each reboot.

keystore IDL

Code Block
title
languagejskeystore IDL
interface KeyStore {
    Promise<void> addCaCertificate(String filename);
    Promise<void> addCaPackage(String filename);
    Promise<void> removeCaPackage(String filename);
    Promise<PackageList> getCaPackagesInstalled();
    Promise<void> addClientCertificate(ClientCertificateObject object);
};

interface ClientCertificateObject {
    attribute String certificateFile;
    attribute String passphrase;
    attribute String obfuscatedPassphrase;
};
Panel
borderColor#3D3D3D
bgColor#F4F4F4
titleColor#3D3D3D
borderWidth0
titleBGColor#3D3D3D
borderStylesolid

ON THIS PAGE

Table of Contents
indent20px


Object Creation

To create a keystore object, first load the brightsign/keystore module using the require() method. Then create an instance of the keystore class.

Code Block
languagejs
var keystoreClass = require("@brightsign/keystore");
var keystore = new keystoreClass();

KeyStore

Use this interface to add certificates to the certificate database.

warning

addCaCertificate()
Code Block
languagejs
Promise<> addCaCertificate(DOMString filename)

Registers the specified CA certificate with the certificate database. Client certificates can be either self-signed or signed using a 3rd-party certificate issuer (Versign, DigiCert, etc.). 

Note

Chromium version 69 or later will refuse SHA-1 certificates. See this page for more information.

addCaPackage()
Code Block
languagejs
Promise<> addCaPackage(DOMString filename)

Adds the specified CA package file to the certificate database. The package name resides in the file and does not need to be the same as the filename. See the roKeyStore page for more information on generating CA packages.

Notetitle

Note

Attempting to modify a CA package file that has been added to the database will invalidate it. If a package is invalidated, it will need to be removed from the database (using the removeCaPackage() method) and added again.

removeCaPackage()
Code Block
languagejs
Promise<> removeCaPackage(DOMString filename)

Removes the specified CA package from the certificate database. Use the getCaPackagesInstalled() method to retrieve a list of package names in the database.

getCaPackagesInstalled()
Code Block
languagejs
Promise<PackageList> getCaPackagesInstalled()

Returns a list of names of CA packages contained in the certificate database.

addClientCertificate()
Code Block
languagejs
Promise<> addClientCertificate(ClientCertificateObject object)

Registers a .p12 client certificate with the certificate database. 

ClientCertificateObject

This interface represents a .p12 certificate file.

[
  • certificateFile String

] certificateFile
  • : The file name and path of the .p12 client certificate

[
  • passphrase String

] passphrase
  • :  A passphrase for the .p12 client certificate

[
  • obfuscatedPassphrase String

] obfuscatedPassphrase
  • : An obfuscated passphrase for the .p12 client certificate

Warning
title

Important

Only one

of obfuscatedPassphrase and passphrase is

of obfuscatedPassphrase and passphrase is required, and obfuscatedPassphrase

 takes

 takes priority if both are present. We recommend using obfuscated_passphrase

 in

 in production environments,

while 

while passphrase

 should

 should be used for testing purposes only.

 Contact  to

 to learn more about generating a key for obfuscation and storing it on the player.

Example

Code Block
titleExample
ksf = require('@brightsign/keystore');
k = new ksf()
k.addCaPackage("/storage/sd/example.bsca").then(() => console.log('ok'), () => console.log('failed'))
k.getCaPackagesInstalled().then((pkgs) => console.log(pkgs))
k.removeCaPackage('example').then(() => console.log('ok'), () => console.log('failed'))