Older version

PKCS10ValidatorValve

Valve for validating content of a PKCS#10 certification signing request (CSR).

Content validated:

Signature
Signature algorithm (if configured)
Key algorithm (if configured)
Key size (if configured, only for RSA)
Subject (if configured)

Validation is done using regular expressions.

Properties

Name	Description	Default value	Mandatory	Supports property expansion
source	Expression expanding to a CSR in PEM format.		Yes	Yes
signature_algorithm_regex	Regular expression for validating CSR signature algorithm.	.*	No	No
key_algorithm_regex	Regular expression for validating CSR public key algorithm.	.*	No	No
key_size_regex	Regular expression for validating CSR public key size (only RSA).	.*	No	No
subject_regex	Regular expression for validating CSR subject.	.*	No	No

Example Configuration

{
  "name": "PKCS10ValidatorValve",
  "enabled": "true",
  "config": {
    "source": "csr",
    "key_algorithm_regex": "RSA",
    "key_size_regex": "2048",
    "subject_regex": "CN=user_[0-9]{1,2}"
  }
}

Older version

PKCS10ValidatorValve

Properties

Example Configuration

Topics

Last Updated

Other Resources