Certificates
X509 certificates hold a lot of information in their x509 attributes and extensions. This information is stored in the table TIDMA_CERT_INFO for easier retrieval. Furthermore, the certificate fingerprint allows faster searches for a certain certificate during authentication operations.
The TIDMA_CERT_INFO table is an extension of the TIDMA_CREDENTIAL base table in All credentials, which lists attributes that are valid for all credentials.
Database table TIDMA_CERT_INFO
| DB attribute | Java data type (max. size), defaults | Description |
|---|---|---|
| cert_info_id | Long, not NULL | Primary key |
| credential_id | Long, not NULL | Foreign key that links to information in the table TIDMA_CREDENTIAL |
| fingerprint | String(80), not NULL | Hash of the certificate's public key |
| issuer_dn | String(1000), not NULL | The issuer DN of the certificate |
| serial | String(50), not NULL | Identification of the certificate, created by the issuing certificate authority. |
| subject_dn | String(1000), not NULL | The subject DN of the certificate |
| subject_key_identifier | String(100), nullable | X509 extension that identifies the subject's key. |
certificate_value | String(65535), nullable | certificate_value contains the certificate as a string instead of the value column in the TIDMA_CREDENTIAL table, since it can handle longer than 4000 character certificates. certificate_value is used for certificates created or modified after migrating to 2.86.3 or to 2.82.6. |