CreateCertificateOptions

Defined in: packages/core/src/agent/certificate.ts:172

Properties

agent?

optional agent: Agent

Defined in: packages/core/src/agent/certificate.ts:211

The agent used to sync time with the IC network, if the certificate fails the freshness check. If the agent does not implement the HttpAgent.getTimeDiffMsecs, HttpAgent.hasSyncedTime, HttpAgent.syncTime and HttpAgent.syncTimeWithSubnet methods, time will not be synced in case of a freshness check failure.

Default

undefined

blsVerify?

optional blsVerify: VerifyFunc

Defined in: packages/core/src/agent/certificate.ts:189

BLS Verification strategy. Default strategy uses bls12_381 from @noble/curves

certificate

certificate: Uint8Array

Defined in: packages/core/src/agent/certificate.ts:176

The bytes encoding the certificate to be verified

disableTimeVerification?

optional disableTimeVerification: boolean

Defined in: packages/core/src/agent/certificate.ts:203

Overrides the maxAgeInMinutes setting and skips comparing the client’s time against the certificate. Used for scenarios where the machine’s clock is known to be out of sync, or for inspecting expired certificates.

Default

false

maxAgeInMinutes?

optional maxAgeInMinutes: number

Defined in: packages/core/src/agent/certificate.ts:197

The maximum age of the certificate in minutes. Default is 5 minutes. This is used to verify the time the certificate was signed, particularly for validating Delegation certificates, which can live for longer than the default window of +/- 5 minutes. If the certificate is older than the specified age, it will fail verification.

Default

principal

principal: CertificatePrincipal

Defined in: packages/core/src/agent/certificate.ts:185

The principal for which the certificate is being verified.

rootKey

rootKey: Uint8Array

Defined in: packages/core/src/agent/certificate.ts:181

The root key against which to verify the certificate (normally, the root key of the IC main network)