Skip to main content
Version: 8.2411.x.x RR

Certificates

X509 certificates hold a lot of information in their x509 attributes and extensions. This information is stored in the table TIDMA_CERT_INFO for easier retrieval. Furthermore, the certificate fingerprint allows faster searches for a certain certificate during authentication operations.

The TIDMA_CERT_INFO table is an extension of the TIDMA_CREDENTIAL base table in All credentials, which lists attributes that are valid for all credentials.

Database table TIDMA_CERT_INFO

DB attributeJava data type (max. size), defaultsDescription
cert_info_idLong, not NULLPrimary key
credential_idLong, not NULLForeign key that links to information in the table TIDMA_CREDENTIAL
fingerprintString(80), not NULLHash of the certificate's public key
issuer_dnString(1000), not NULLThe issuer DN of the certificate
serialString(50), not NULLIdentification of the certificate, created by the issuing certificate authority.
subject_dnString(1000), not NULLThe subject DN of the certificate
subject_key_identifierString(100), nullableX509 extension that identifies the subject's key.
certificate_valueString(65535), nullablecertificate_value contains the certificate as a string instead of the value column in the TIDMA_CREDENTIAL table, since it can handle longer than 4000 character certificates. certificate_value is used for certificates created or modified after migrating to 2.86.3 or to 2.82.6.