Class CIM_X509Certificate
extends CIM_X509Infrastructure

CIM_X509Certificate describes Internet X509 Public Key Infrastructure (PKI) standard based certificates. The certificates are signed by a trusted Certificate Authority (CA) or by the owner of the certificate and issued to an authenticated entity (e.g., human user, service, etc.) called the Subject in the certificate. The public key in the certificate is cryptographically related to a private key that is held and kept private by the authenticated Subject. The certificate and its related private key can then be used for establishing trust relationships and securing communications with the Subject. Refer to the Internet X.509 PKI standard (RFC 3280) for more information.

Table of Contents
Hierarchy
Direct Known Subclasses
Class Qualifiers
Class Properties
Class Methods


Class Hierarchy

CIM_ManagedElement
   |
   +--CIM_Credential
   |
   +--CIM_SignedCredential
   |
   +--CIM_X509Infrastructure
   |
   +--CIM_X509Certificate

Direct Known Subclasses

Class Qualifiers

NameData TypeValue
ClassConstraintstring/* The constraints below aim to efficiently */ /* represent a singular OctetString. Each of the properties*/ /* is a single encoded stringthus only the first element */ /* needs to be populated. */ inv:self.PublicKey->size()<=1 and self.SerialNumber->size()<=1 and self.EncodedCertificate->size()<=1
DescriptionstringCIM_X509Certificate describes Internet X509 Public Key Infrastructure (PKI) standard based certificates. The certificates are signed by a trusted Certificate Authority (CA) or by the owner of the certificate and issued to an authenticated entity (e.g., human user, service, etc.) called the Subject in the certificate. The public key in the certificate is cryptographically related to a private key that is held and kept private by the authenticated Subject. The certificate and its related private key can then be used for establishing trust relationships and securing communications with the Subject. Refer to the Internet X.509 PKI standard (RFC 3280) for more information.
UMLPackagePathstringCIM::User::PublicKey
Versionstring2.29.0

Class Properties

Local Class Properties

NameData TypeDefault ValueQualifiers
NameData TypeValue
AltSubjectstring
DescriptionstringAlternate subject identifier for the Certificate.
MappingStringsstringRFC3280.IETF|Section 4.2.1.7
IssuerUniqueIDstring
DescriptionstringString that identifies the issuer of the certificate.
MappingStringsstringRFC3280.IETF|Section 4.1.2.8
IsValidboolean
DescriptionstringIsValid represents whether the certificate is currently valid. When the certificate is revoked or expired or put on hold or invalidated for any reason IsValid shall be set to FALSE.
PathLengthConstraintuint16
DescriptionstringAn X.509 certificate may contain an optional extension that identifies whether the subject of the certificate is a certificate authority (CA). If the subject is a CA, this property defines the number of certificates that may follow this certificate in a certification chain.
MappingStringsstringRFC3280.IETF|Section 4.2.1.10
PublicKeyAlgorithmuint16
DescriptionstringPublic key algorithm.
MappingStringsstringRFC3280.IETF|Section 4.1.2.7
ValueMapstring0, 2, 3, 4, 5..32767, 32768..65535
ValuesstringUnknown, RSA, DSA, ECDSA, DMTF Reserved, Vendor Specified
PublicKeySizeuint16
DescriptionstringThe length of the public key represented in the PublicKey property.
MappingStringsstringRFC3280.IETF|Section 4.1.2.7
Subjectstring
DescriptionstringDistinguished name identifying the subject of the certificate.Subject shall contain information as required by section 4.1.2.6 of RFC 3280 and shall be formatted based on RFC 4514.
DNbooleantrue
MappingStringsstringRFC3280.IETF|Section 4.1.2.6
SubjectUniqueIDstring
DescriptionstringCertificate's unique subject identifier.
MappingStringsstringRFC3280.IETF|Section 4.1.2.8
TrustedRootCertificateboolean
DescriptionstringTRUE value represents that the certificate is a trusted root certificate.
EncodedCertificatestring[]
DescriptionstringThe full content of the certificate in binary form.Only the first element of the array property shall be populated.
MappingStringsstringRFC3280.IETF|Section 4
OctetStringbooleantrue
ExtendedKeyUsagestring[]
DescriptionstringThis extension indicates one or more purposes for which the certified public key may be used, in addition to or in place of the basic purposes indicated in the key usage extension.
MappingStringsstringRFC3280.IETF|Section 4.2.1.13
ExtensionIDstring[]
ArrayTypestringIndexed
DescriptionstringExtension identifier array for additional attributes associated with the certificate. The corresponding array element in the IsCritical property denotes whether the extension is critical. The corresponding array element in the ExtensionValue property contains the value of the extension attribute.
MappingStringsstringRFC3280.IETF|Section 4.1.2.9, RFC3280.IETF|Section 4.2
ModelCorrespondencestringCIM_X509Certificate.IsCritical, CIM_X509Certificate.ExtensionValue
ExtensionValuestring[]
ArrayTypestringIndexed
DescriptionstringCertificate extension attribute value array. The corresponding array element in the ExtensionID property contains the identifier of the certificate extension attribute. The corresponding array element in the IsCritical property denotes whether the extension is critical.
MappingStringsstringRFC3280.IETF|Section 4.1.2.9, RFC3280.IETF|Section 4.2
ModelCorrespondencestringCIM_X509Certificate.IsCritical, CIM_X509Certificate.ExtensionID
IsCriticalboolean[]
ArrayTypestringIndexed
DescriptionstringTRUE value represents that the extension attribute is critical. The corresponding array element in the ExtensionID property contains the identifier of the extension attribute. The corresponding array element in the ExtensionValue property contains the value of the extension attribute.
MappingStringsstringRFC3280.IETF|Section 4.1.2.9, RFC3280.IETF|Section 4.2
ModelCorrespondencestringCIM_X509Certificate.ExtensionID, CIM_X509Certificate.ExtensionValue
KeyUsageuint16[]
DescriptionstringKey usage defines the purpose of the key. Key usage could include digital signing, key agreement, certificate signing, and more. The key usage is an extension to the X.509 specification.
MappingStringsstringRFC3280.IETF|Section 4.2.1.3
ValueMapstring0, 2, 3, 4, 5, 6, 7, 8..32767, 32768..65535
ValuesstringUnknown, Digital Signature, Non Repudiation, Key Encipherment, Data Encipherment, Key Agreement, Key Certificate Signature, DMTF Reserved, Vendor Specified
PublicKeystring[]
DescriptionstringThe DER-encoded raw public key that belongs to the subject the certificate vouches for.Only the first element of PublicKey array property shall be populated with DER encoded raw public key octet string.
MappingStringsstringRFC3280.IETF|Section 4.1.2.7
OctetStringbooleantrue
SerialNumberstring[]
DescriptionstringUnique number that identifies this certificate.Only the first element of the array property shall be populated.
MappingStringsstringRFC3280.IETF|Section 4.1.2.2
OctetStringbooleantrue

Inherited Properties

NameData TypeClass Origin
CaptionstringCIM_ManagedElement
DescriptionstringCIM_ManagedElement
ElementNamestringCIM_ManagedElement
ExpiresdatetimeCIM_Credential
Generationuint64CIM_ManagedElement
InstanceIDstringCIM_SignedCredential
IssueddatetimeCIM_Credential
IssuerNamestringCIM_X509Infrastructure
OtherSignatureAlgorithmstringCIM_SignedCredential
SignatureAlgorithmuint16CIM_SignedCredential
SignatureAlgorithmOIDstringCIM_SignedCredential
ValidFromdatetimeCIM_Credential
Versionuint16CIM_X509Infrastructure
FingerprintDigestAlgorithmsuint16[]CIM_X509Infrastructure
Fingerprintsstring[]CIM_X509Infrastructure
MD5Fingerprintstring[]CIM_X509Infrastructure
SHA1Fingerprintstring[]CIM_X509Infrastructure
Signatureuint8[]CIM_SignedCredential
TBSCertificatestring[]CIM_X509Infrastructure

Class Methods