Common Security Content
Shared content amongst the Security library documentation.
Syntax
General Usage
In case of error, the method throws an exception and sets the status variable. Depending on the error, a human-readable description of the problem is available in the sqlca.sqlerrm register. See Error handling in GWS calls (status).
The int_flag variable is checked during GWS API calls to handle program interruptions. For more details, see Interruption handling in GWS calls (int_flag).
This method may raise exception -15700 (operation failed) or -15701 (invalid parameter).
Certificates
This command creates a serial file with an initial HEX value 01. OpenSSL uses this file to track the serial numbers of certificates it creates. The serial file is typically given the same name as the CA with the extension .srl.
All keys or certificates in PEM or DER format were created with the OpenSSL tool. For information on how the OpenSSL tool works, refer to the OpenSSL documentation.
- If you want an official Certificate Authority, you must send the CSR file to one of the self-established Certificate Authority companies on the Internet instead of creating it with openssl. See Encryption and authentication.
- The CSR file is also used to encrypt messages that only its corresponding private key can decrypt.
Follow the instructions to create the CSR. This command also creates a private-key file (pem) containing the RSA private key of the CSR certificate protected by a password. By default, openssl outputs the private key in the privkey.pem file. If you want to specify a different file name, or if your openssl version does not output the private key by default, add -keyout <myprivkey>.pem to the command.
$ openssl rsa -in privkey.pem -out MyClient.pem
The unprotected private key is output in MyClient.pem.
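As an added example (not part of the original documentation), the following shell function runs the CSR creation and password removal described above, then checks that the resulting key is unencrypted, still matches the public key in the CSR, and is readable only by its owner. The file name MyClient.csr, the /CN=MyClient subject and the passphrase are constructed sample values; openssl is assumed to be on the PATH.

```shell
#!/bin/sh
# Added example, not from the original documentation. privkey.pem and
# MyClient.pem follow the page; MyClient.csr, the subject and the passphrase
# are constructed sample values.

# Prints the PEM public key embedded in a CSR.
csr_pubkey() { openssl req -in "$1" -noout -pubkey; }

# Prints the PEM public key derived from an unprotected RSA private key.
key_pubkey() { openssl rsa -in "$1" -pubout 2>/dev/null; }

# Creates the CSR and protected key in directory $1, removes the password,
# then verifies the result. Returns 0 only if every check passes.
make_unprotected_key() (
    umask 077                       # key files readable by the owner only
    cd "$1" || exit 1
    # Passphrase passed through the environment, not the command line.
    KEY_PASS='constructed-sample-passphrase'; export KEY_PASS

    # CSR plus password-protected private key; -keyout names the key file.
    openssl req -new -newkey rsa:2048 -subj "/CN=MyClient" \
        -keyout privkey.pem -passout env:KEY_PASS \
        -out MyClient.csr 2>/dev/null || exit 1

    # Remove the password protection (the command shown on the page).
    openssl rsa -in privkey.pem -passin env:KEY_PASS \
        -out MyClient.pem 2>/dev/null || exit 1

    # 1. The original key is encrypted, the new one is not.
    grep -q 'ENCRYPTED' privkey.pem || exit 1
    if grep -q 'ENCRYPTED' MyClient.pem; then exit 1; fi
    # 2. The unprotected key still matches the public key in the CSR.
    [ "$(csr_pubkey MyClient.csr)" = "$(key_pubkey MyClient.pem)" ] || exit 1
    # 3. The unprotected key is not readable by group or others.
    [ "$(ls -l MyClient.pem | cut -c1-10)" = "-rw-------" ] || exit 1
)

# Demonstration run in a throwaway directory.
demo_dir=$(mktemp -d) && make_unprotected_key "$demo_dir" && echo "all checks passed"
rm -rf "$demo_dir"
```

Because MyClient.pem carries no password, file permissions are the only protection left on it, which is why the function sets umask 077 before any key is written.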