Get-ChainCertificates function
The Get-ChainCertificates function returns the root and intermediate certificate chain for the end-entity certificates to be issued by the certificate authority (CA).
The Get-ChainCertificates function is called when the CA template is validated and any certificates that are returned are added to the Adaptable CA template automatically. This helps to ensure that the proper chain is built for the certificates that are enrolled.
|
Variable Name |
Data Type |
Description |
|---|---|---|
|
AuxPass |
String |
The password portion of the Secondary Credential when a user name or a password credential is assigned, or the PKCS#12 password when a certificate credential is assigned |
|
AuxPfxData |
Byte Array |
A PKCS#12 byte array that contains a client certificate and private key when a certificate credential is assigned as the Secondary Credential |
|
AuxUser |
String |
The user name portion of the Secondary Credential when a user name credential is assigned |
|
CertObjDN |
String |
Venafi distinguished name (DN) of the certificate object in the policy tree |
|
CustomFields |
Hashtable |
Hash table keys are Custom Field labels and the values are strings (single-valued) or string arrays (multi-valued). |
|
OAuthAccessToken |
String |
OAuth token passed to the PowerShell script. Null is always passed as a value, because this function is only used for CA settings validation. |
|
PfxData |
Byte Array |
PKCS#12 keystore containing client certificate and private key for authenticating with the CA; this and the PfxPass are used together to instantiate an X509Certificate2 object for client certificate authentication. |
|
PfxPass |
SecureString |
Password for access to the private key of the PfxData PKCS#12 |
|
UserName |
String |
User name for authenticating with the CA |
|
UserPass |
String |
Password for authenticating with the CA |
|
WebSdkUrl |
String |
String representing the fully-qualified domain name to the WebSDK of your Trust Protection Platform server. Null is always passed as a value, because this function is only used for CA settings validation. For information on where this variable data is set, see Trust Protection Platform server configuration. |
|
Return |
Data Type |
Description |
|---|---|---|
|
Result |
String |
Shows "Success" or "NotUsed" to indicate the non-error completion state. |
|
PKCS7 |
String |
A collection that includes all of the CA certificates in the issuing chain. |
For information about processing stages, see About certificate lifecycle management.