new FabricCAClient(connect_opts, cryptoPrimitives)
Parameters:
Name | Type | Description |
---|---|---|
connect_opts |
ConnectOpts | Connection options for communicating with the Fabric CA server |
cryptoPrimitives |
Throws:
Will throw an error if connection options are missing or invalid
Methods
-
<async> enroll(enrollmentID, enrollmentSecret, csr [, profile] [, attr_reqs])
-
Enroll a registered user in order to receive a signed X509 certificate
Parameters:
Name Type Argument Description enrollmentID
string The registered ID to use for enrollment enrollmentSecret
string The secret associated with the enrollment ID csr
string PEM-encoded PKCS#10 certificate signing request profile
string <optional>
The profile name. Specify the 'tls' profile for a TLS certificate; otherwise, an enrollment certificate is issued. attr_reqs
Array.<AttributeRequest> <optional>
An array of AttributeRequest Returns:
- Type
- Promise.<EnrollmentResponse>
-
<async> getCaInfo(signingIdentity)
-
Get info on the CA
Parameters:
Name Type Description signingIdentity
SigningIdentity The instance of a SigningIdentity encapsulating the signing certificate, hash algorithm and signature algorithm Returns:
- Type
- Promise.<CAInfoResponse>
-
newAffiliationService()
-
Create a new AffiliationService instance
Returns:
instance- Type
- AffiliationService
-
newCertificateService()
-
Create a new CertificateService instance
Returns:
instance- Type
- CertificateService
-
newIdentityService()
-
Creates a new IdentityService instance
Returns:
instance- Type
- IdentityService
-
<async> reenroll(csr, signingIdentity [, attr_reqs])
-
Re-enroll an existing user.
Parameters:
Name Type Argument Description csr
string PEM-encoded PKCS#10 certificate signing request signingIdentity
SigningIdentity The instance of a SigningIdentity encapsulating the signing certificate, hash algorithm and signature algorithm attr_reqs
Array.<AttributeRequest> <optional>
An array of AttributeRequest Returns:
- Type
- Promise.<EnrollmentResponse>
-
<async> register(enrollmentID [, enrollmentSecret] [, role], affiliation, maxEnrollments [, attrs], signingIdentity)
-
Register a new user and return the enrollment secret
Parameters:
Name Type Argument Description enrollmentID
string ID which will be used for enrollment enrollmentSecret
string <optional>
Optional enrollment secret to set for the registered user. If not provided, the server will generate one. When not including, use a null for this parameter. role
string <optional>
Optional type of role for this user. When not including, use a null for this parameter. affiliation
string Affiliation with which this user will be associated maxEnrollments
number The maximum number of times the user is permitted to enroll attrs
Array.<KeyValueAttribute> <optional>
Array of key/value attributes to assign to the user signingIdentity
SigningIdentity The instance of a SigningIdentity encapsulating the signing certificate, hash algorithm and signature algorithm Returns:
The enrollment secret to use when this user enrolls- Type
- Promise.<string>
-
<async> revoke(enrollmentID, aki, serial, reason, gencrl, signingIdentity)
-
Revoke an existing certificate (enrollment certificate or transaction certificate), or revoke all certificates issued to an enrollment id. If revoking a particular certificate, then both the Authority Key Identifier and serial number are required. If revoking by enrollment id, then all future requests to enroll this id will be rejected.
Parameters:
Name Type Description enrollmentID
string ID to revoke aki
string Authority Key Identifier string, hex encoded, for the specific certificate to revoke serial
string Serial number string, hex encoded, for the specific certificate to revoke reason
string The reason for revocation. See https://godoc.org/golang.org/x/crypto/ocsp for valid values gencrl
bool GenCRL specifies whether to generate a CRL signingIdentity
SigningIdentity The instance of a SigningIdentity encapsulating the signing certificate, hash algorithm and signature algorithm Returns:
The revocation results- Type
- Promise