CreateCertificateOptions

Defined in: packages/core/src/agent/certificate.ts:170

Properties

agent?

optional agent: Agent

Defined in: packages/core/src/agent/certificate.ts:209

The agent used to sync time with the IC network, if the certificate fails the freshness check. If the agent does not implement the HttpAgent.getTimeDiffMsecs, HttpAgent.hasSyncedTime, HttpAgent.syncTime and HttpAgent.syncTimeWithSubnet methods, time will not be synced in case of a freshness check failure.

Default

undefined

blsVerify?

optional blsVerify: VerifyFunc

Defined in: packages/core/src/agent/certificate.ts:187

BLS Verification strategy. Default strategy uses bls12_381 from @noble/curves

certificate

certificate: Uint8Array

Defined in: packages/core/src/agent/certificate.ts:174

The bytes encoding the certificate to be verified

disableTimeVerification?

optional disableTimeVerification: boolean

Defined in: packages/core/src/agent/certificate.ts:201

Overrides the maxAgeInMinutes setting and skips comparing the client’s time against the certificate. Used for scenarios where the machine’s clock is known to be out of sync, or for inspecting expired certificates.

Default

false

maxAgeInMinutes?

optional maxAgeInMinutes: number

Defined in: packages/core/src/agent/certificate.ts:195

The maximum age of the certificate in minutes. Default is 5 minutes. This is used to verify the time the certificate was signed, particularly for validating Delegation certificates, which can live for longer than the default window of +/- 5 minutes. If the certificate is older than the specified age, it will fail verification.

Default

principal

principal: CertificatePrincipal

Defined in: packages/core/src/agent/certificate.ts:183

The principal for which the certificate is being verified.

rootKey

rootKey: Uint8Array

Defined in: packages/core/src/agent/certificate.ts:179

The root key against which to verify the certificate (normally, the root key of the IC main network)