Skip to content

CA Certificate Database

Endi S. Dewata edited this page Oct 10, 2022 · 3 revisions

Certificate Container

dn: ou=certificateRepository,ou=ca,dc=ca,dc=pki,dc=example,dc=com
serialno: 011
ou: certificateRepository
objectClass: top
objectClass: repository
nextRange: 1000000001

Certificate Record

LDAP Attribute Description Indexed Searchable Example

cn

Serial number in decimal

Yes

Yes

143845092896708171325141363599427560669

serialno

2-digit length + serial number in decimal

39143845092896708171325141363599427560669

subjectName

Subject name

CN=CA Signing Certificate,OU=pki-tomcat,O=EXAMPLE

issuerName

Issuer name

CN=CA Signing Certificate,OU=pki-tomcat,O=EXAMPLE

Examples

dn: cn=143845092896708171325141363599427560669,ou=certificateRepository,ou=ca,
 dc=ca,dc=pki,dc=example,dc=com
objectClass: top
objectClass: certificateRecord
serialno: 39143845092896708171325141363599427560669
metaInfo: profileId:caCACert
metaInfo: requestId:191072288335703963635074644335080704784
notBefore: 20220825153707Z
notAfter: 20420825153707Z
duration: 12631152000000
subjectName: CN=CA Signing Certificate,OU=pki-tomcat,O=EXAMPLE
issuerName: CN=CA Signing Certificate,OU=pki-tomcat,O=EXAMPLE
publicKeyData:: MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEApGXVeqx8v4pUXNtS0+
 hM1MBEM2ZmCPvjaVl1DZD4UuIjLQ+RUICyj1SrqjUbw46i765jOYZFaiSkQIEkC5lPns6jKuft9co
 +1WjMdsoNCtNdi/zh/HKrOpEaWkAOx4+ddjkJVvN0Auxg8YgerfVXXscSQk9dBuYnZDQw5/Cz3QKg
 LcLTDu7S7gXFZfedrWWoK0Z4Wl6weJxqJLfSUJPwhN8ymHGJRKrAsWs1NwwkFeAUy3gHQBEIBFvUr
 7PRpkDpcByR6pREgFhd1SS25WMhPj0TpbRfXNCsYT1v7lPoOLvFsla52o3BObWJ4VVkT45XTzSQnp
 kuBwDgaoAikuexmbz32EG040zgV59ayEqviLr7Ndp6S7xyPToGjESl6/8OBpjhlC8JVxi+oaeCo56
 yfy5Y4C9Re9aOuFEZNKgrmY3M3z8iXN2eovEl9MmJdS4sE7XYKfyPnJ9fuO4nKQeNJXwj3QpWZKz8
 dnjVyu7erI0DpG8enF2BBhZunSdZCPozAgMBAAE=
extension: 2.5.29.35
extension: 2.5.29.14
extension: 1.3.6.1.5.5.7.1.1
extension: 2.5.29.19;isCA=true,pathLen=-1
extension: 2.5.29.15
userCertificate;binary:: MIIEtzCCAx+gAwIBAgIQbDeOoxsGPDafIa8vUuDk3TANBgkqhkiG9
 w0BAQsFADBIMRAwDgYDVQQKDAdFWEFNUExFMRMwEQYDVQQLDApwa2ktdG9tY2F0MR8wHQYDVQQDDB
 ZDQSBTaWduaW5nIENlcnRpZmljYXRlMB4XDTIyMDgyNTIwMzcwN1oXDTQyMDgyNTIwMzcwN1owSDE
 QMA4GA1UECgwHRVhBTVBMRTETMBEGA1UECwwKcGtpLXRvbWNhdDEfMB0GA1UEAwwWQ0EgU2lnbmlu
 ZyBDZXJ0aWZpY2F0ZTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAKRl1XqsfL+KVFzbU
 tPoTNTARDNmZgj742lZdQ2Q+FLiIy0PkVCAso9Uq6o1G8OOou+uYzmGRWokpECBJAuZT57Ooyrn7f
 XKPtVozHbKDQrTXYv84fxyqzqRGlpADsePnXY5CVbzdALsYPGIHq31V17HEkJPXQbmJ2Q0MOfws90
 CoC3C0w7u0u4FxWX3na1lqCtGeFpesHicaiS30lCT8ITfMphxiUSqwLFrNTcMJBXgFMt4B0ARCARb
 1K+z0aZA6XAckeqURIBYXdUktuVjIT49E6W0X1zQrGE9b+5T6Di7xbJWudqNwTm1ieFVZE+OV080k
 J6ZLgcA4GqAIpLnsZm899hBtONM4FefWshKr4i6+zXaeku8cj06BoxEpev/DgaY4ZQvCVcYvqGngq
 Oesn8uWOAvUXvWjrhRGTSoK5mNzN8/IlzdnqLxJfTJiXUuLBO12Cn8j5yfX7juJykHjSV8I90KVmS
 s/HZ41cru3qyNA6RvHpxdgQYWbp0nWQj6MwIDAQABo4GcMIGZMB8GA1UdIwQYMBaAFJdRabFvZIaI
 xegjzLU8dA2XhtamMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgHGMB0GA1UdDgQWBBSXU
 Wmxb2SGiMXoI8y1PHQNl4bWpjA2BggrBgEFBQcBAQQqMCgwJgYIKwYBBQUHMAGGGmh0dHA6Ly9mZW
 RvcmE6ODA4MC9jYS9vY3NwMA0GCSqGSIb3DQEBCwUAA4IBgQBfOuSmE05JjE4X6fliJnO+mrBieMJ
 of0ED258ICOsAL5LHWWahHYd6lbBwUgldXA1UH00FLHrGe92fLjC49c8Q/bDVq5P7kj6E9pH5p6EX
 /+Ddi7fizI9wuZTx7lder0HM5sHvQ4UGWAGYR2b0ZWaqeRZMosPdbpw2QSSISda3nQawP62nxAdkG
 o96CyjSk6U0kkgkEK8uQmpJSA6Oy2yzL5p1Ni2zJp+wW9MKoNXIQOiluelOnu/Tx2YLERcCy0t924
 uixBeRVScllHjDgl1mWpHpDA6Z70m70Vz4AtXSdKuFGhhAg//S4eibxX9rrKY3o/n6S7cRSwmk08C
 2eAVSZiigMgRx2UduhWs6CQ30V5fW79xrBCZb4FBhWFu8n0xleJQZPa9vskdJj2CuZ6R+VP5ZpMOR
 eOfMVEMxVlwOi1YlP4XCCeDXgcWx873fiFTr4lPjJkEXRrCl2qzlQHeWepBBe8qV7N7i1xWsgHMia
 c0DZXdxJsW7SMJ+ZY312ho=
version: 2
algorithmId: 1.2.840.113549.1.1.1
signingAlgorithmId: 1.2.840.113549.1.1.11
dateOfCreate: 20220825153708Z
dateOfModify: 20220825153708Z
certStatus: VALID
autoRenew: ENABLED
issuedBy: system
cn: 143845092896708171325141363599427560669
Clone this wiki locally