Pipes
2025.25 Pipes
2025.25 Pipes
  • Introduction
  • Configuration
  • Valves
    • API
      • HTTP Response Format Valve
    • Azure
      • Get User
      • Get User Role
      • Is User in Group
    • BankID
      • BidOperation
      • BidToItems
    • Cef event
    • Codecs
      • Base64 Encode
      • Base64 Decode
      • Base64 Converter
    • DateTime
      • Instant Generator
      • Instant Transformer
      • MS Date to Instant Transformer
      • Instant to MS Date Transformer
    • Debug
      • Dump Request
      • Dump Exports
      • Dump Session
      • Dump State
      • Wait
    • Delivery
      • Clean Mobile Valve
      • SMS Valve
      • Voice Valve
      • SMTP Valve
    • EntraID
      • Users
        • Create User
        • Update User
        • Delete User
        • Get User
        • List Users
        • Get Groups
        • List Groups
        • List Direct Reports
        • List Owned Objects
        • Reset Password
      • Groups
        • Create Group
        • Update Group
        • Delete Group
        • List Groups
        • Add Group To Users
        • Remove Group From Users
        • Add User To Groups
        • Remove User From Groups
        • Add Group Owner
        • Remove Group Owner
      • Directory
        • Restore Deleted Item
    • Exports
      • Exports Put
      • Exports Remove
    • Flow
      • Flow Fail
      • Flow State Add
      • Assert Value
      • Pipe Exec
      • Pipe Call
    • Freja
    • HTTP
      • GET
      • PUT
      • POST
      • DELETE
    • Item
      • Item Create
      • Item Merge
      • Item Match Merge
      • Item Remove
      • Items Remove
      • Item Rename
      • Item Property Add
      • Item Property Copy
      • Item Property Split
      • Item Property Rename
      • Item Property Replace
      • Item Property Hash
      • Item Property Token Replace
      • MV Property To Items
      • JSON To Items
      • MV Property Join
    • JDBC Query
    • JSON
      • JsonObjectCreate
    • JWT
      • CreateJwt
      • ParseJwt
    • LDAP
      • LDAP Search
      • LDAP Group Filter
      • LDAP Bind
      • LDAP Add
      • LDAP Delete
      • LDAP Modify
      • LDAP Move
      • DN Parse
    • Microsoft AD
      • Add Member To Groups
      • Remove Member From Groups
      • Add Group To Members
      • Remove Group From Members
      • GUID to string
    • Misc
      • Basic Auth
    • OTP
      • OTP Generation
      • OTP Validation
    • PKI
      • X509 Certificate Extractor
      • X509 Certificate Validator
      • Passcode Generator
    • PDF
      • Html2Pdf
      • PDFMerge
    • Request
      • RequestParameterExist
      • RequestParameterRename
    • ScriptEval
    • MobilSITHS
    • Session
      • Session Put
      • Session Create
      • CopyFromSession
    • Tokens
      • Token Authentication
    • WorkOrders
      • WorkOrderCreate
Powered by GitBook
On this page
  • Introduction
  • Configuration
  1. Valves
  2. PKI

X509 Certificate Extractor

Valve for extracting X.509 certificate attributes

Introduction

Use this valve to extract attributes from a X.509 v3 certificate.

This valve is a part of the item iteration API meaning that it operates on the current item set. For more information on item iteration, see Item.

Valve operates on current item set and extracted attributes will added as properties on the current item. If no item exist a new will be created using certificate subject as identifier.

The following attributes are extracted:

  • subject

  • issuer

  • serialNumber

  • notBefore

  • notAfter

  • subjectAltNames

  • publicKey

  • publicKeyAlgorithm

  • publicKeyFormat

  • publicKeyType (only RSA)

  • publicKeySize (only RSA)

  • crlDistributionPoints

  • ocspLocations

  • ocspIssuers

  • basicConstraints

  • sigAlgName

  • sigAlgOid

  • keyUsage

  • extKeyUsage

Item properties are prefixed (default "cert_") to avoid affection existing properties.

Certificate attributes with multiple values are added as multi valued item properties.

Certificate attributes that contain name-value pairs (like subjectAltNames) are added as multi-valued name-value string in format "name=value".

Configuration

Valve name: X509CertificateExtractor

Name
Description
Default value
Mandatory
Expanded

src

X509 certificate in PEM format.

prefix

Item property name prefix.

"cert_"

{
  "name" : "X509CertificateExtractor,
  "config" : {
    "src" : "pem",
    "prefix" : "cert_"
  }
}

PreviousPKINextX509 Certificate Validator