X509Attestation Class
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Representation of a single Device Provisioning Service X509 Attestation.
public sealed class X509Attestation : Microsoft.Azure.Devices.Provisioning.Service.Attestation
public class X509Attestation : Microsoft.Azure.Devices.Provisioning.Service.Attestation
type X509Attestation = class
    inherit Attestation
Public NotInheritable Class X509Attestation
    Inherits Attestation
Public Class X509Attestation
    Inherits Attestation
Remarks
The provisioning service supports Device Identifier Composition Engine, or DICE, as the device attestation mechanism. To use X509, the user must provide the certificate. This class provides the means to create a new attestation for an X509 certificate and return it as an abstract interface Attestation.
An X509 attestation can contain one of the 3 types of certificate:
- Client or Alias certificate: Called on this class as clientCertificates, this certificate can authenticate a single device.
- Signing or Root certificate: Called on this class as rootCertificates, this certificate can create multiple Client certificates to authenticate multiple devices.
- CA Reference: Called on this class as X509CAReferences, this is a CA reference for a rootCertificate that can create multiple Client certificates to authenticate multiple devices.
The provisioning service allows the user to create IndividualEnrollment and EnrollmentGroup. For all operations over IndividualEnrollment with X509, the user must provide clientCertificates, and for operations over EnrollmentGroup, the user must provide rootCertificates or X509CAReferences.
For each of these types of certificates, the user can provide 2 certificates, a primary and a secondary. Only the primary is mandatory; the secondary is optional.
The provisioning service will process the provided certificates, but will never return them. Instead, GetPrimaryX509CertificateInfo() and GetSecondaryX509CertificateInfo() will return the certificate information for the certificates.
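The pairing of certificate type and enrollment type described above, as an added example that is not part of the SDK documentation. The helpers MakeSampleCert and Checked, the registration and group IDs, and the pre-flight checks (public part only, inside the validity window, CA flag matching the intended role) are assumptions of this example, not SDK behavior; the certificates are constructed in memory.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using Microsoft.Azure.Devices.Provisioning.Service;

static class X509AttestationExample
{
    // Constructed sample data: a throwaway self-signed certificate, so nothing is read from disk.
    static X509Certificate2 MakeSampleCert(string commonName, bool isCa)
    {
        using (ECDsa key = ECDsa.Create(ECCurve.NamedCurves.nistP256))
        {
            var request = new CertificateRequest("CN=" + commonName, key, HashAlgorithmName.SHA256);
            request.CertificateExtensions.Add(new X509BasicConstraintsExtension(isCa, false, 0, true));
            DateTimeOffset now = DateTimeOffset.UtcNow;
            using (X509Certificate2 withKey = request.CreateSelfSigned(now.AddDays(-1), now.AddDays(30)))
                return new X509Certificate2(withKey.Export(X509ContentType.Cert)); // public part only
        }
    }

    // Hypothetical pre-flight check (an assumption of this example, not an SDK feature).
    static X509Certificate2 Checked(X509Certificate2 cert, bool expectCa)
    {
        if (cert.HasPrivateKey)
            throw new ArgumentException("Pass the public certificate only, without its private key.");
        if (DateTime.Now < cert.NotBefore || DateTime.Now > cert.NotAfter)
            throw new ArgumentException("Certificate is outside its validity period.");
        var constraints = cert.Extensions.OfType<X509BasicConstraintsExtension>().FirstOrDefault();
        bool isCa = constraints != null && constraints.CertificateAuthority;
        if (isCa != expectCa)
            throw new ArgumentException(expectCa ? "Expected a signing (CA) certificate." : "Expected a client (non-CA) certificate.");
        return cert;
    }

    static void Main()
    {
        // IndividualEnrollment: client certificates, mandatory primary plus optional secondary.
        Attestation deviceAttestation = X509Attestation.CreateFromClientCertificates(
            Checked(MakeSampleCert("device-001", false), false),
            Checked(MakeSampleCert("device-001-next", false), false));
        var individual = new IndividualEnrollment("device-001", deviceAttestation);

        // EnrollmentGroup: a root (signing) certificate that issues many client certificates.
        Attestation groupAttestation = X509Attestation.CreateFromRootCertificates(
            Checked(MakeSampleCert("constructed-signing-ca", true), true));
        var group = new EnrollmentGroup("constructed-group", groupAttestation);

        Console.WriteLine(individual.RegistrationId + " / " + group.EnrollmentGroupId);
    }
}
```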
Properties
CaReferences | Certificate authority references.
CAReferences | Certificate authority references.
Methods
CreateFromCaReferences(String, String) | Factory with certificate authority references with primary and secondary.
CreateFromCAReferences(String, String) | Factory with CAReferences with primary and secondary CA references.
CreateFromCAReferences(String) | Factory with CAReferences with primary CA references.
CreateFromClientCertificates(String, String) | Factory from ClientCertificates with primary and secondary certificates.
CreateFromClientCertificates(String) | Factory from ClientCertificates with primary certificate.
CreateFromClientCertificates(X509Certificate2, X509Certificate2) | Factory from ClientCertificates with primary and secondary certificates.
CreateFromClientCertificates(X509Certificate2) | Factory from ClientCertificates with primary certificate.
CreateFromRootCertificates(String, String) | Factory from RootCertificates with primary and secondary certificates.
CreateFromRootCertificates(String) | Factory from RootCertificates with primary certificate.
CreateFromRootCertificates(X509Certificate2, X509Certificate2) | Factory from RootCertificates with primary and secondary certificates.
CreateFromRootCertificates(X509Certificate2) | Factory from RootCertificates with primary certificate.
GetPrimaryX509CertificateInfo() | Getter for the primary X509 certificate info.
GetSecondaryX509CertificateInfo() | Getter for the secondary X509 certificate info.