N/certificateControl Module Script Samples

The following script samples demonstrate how to use the features of the N/certificateControl module:

• Filter the Digital Certificate List by Subsidiary and File Type

• Find the Audit Trail of POST Operations for a Certificate Record Based on ID

• Create, Modify, and Save Certificate Record Based on a File in the File Cabinet

• Find and Use an Existing Certificate Record

• Generate Signature of a Plain Text String and Verify the Signature Using the Same Certificate

• Establish an SFTP Connection Using an SSH Key

Filter the Digital Certificate List by Subsidiary and File Type

The following sample shows how to filter the Digital Certificates list by subsidiary and by file type.

Note:

This sample script uses the require function so that you can copy it into the SuiteScript Debugger and test it. You must use the define function in an entry point script (the script you attach to a script record and depoly). For more information, see SuiteScript 2.x Script Basics and SuiteScript 2.x Script Types.

            /**
 * @NApiVersion 2.x
   */
require(['N/certificateControl'],
      function(certificateControl){
         var all = certificateControl.findCertificates();
         var specificType = certificateControl.findCertificates({
              type: 'PFX'
         });
         var specificSub = certificateControl.findCertificates({
              subsidiary: 93
         });
         var specificTypeAndSub = certificateControl.findCertificates({
               type: 'PFX',
               subsidiary: 93
         }); 

          

Find the Audit Trail of POST Operations for a Certificate Record Based on ID

The following sample shows how to find the audit trail of POST operations for the certificate record with ID ‘custcertificate_china’.

Note:

This sample script uses the require function so that you can copy it into the SuiteScript Debugger and test it. You must use the define function in an entry point script (the script you attach to a script record and deploy). For more information, see SuiteScript 2.x Script Basics and SuiteScript 2.x Script Types.

            /**
 * @NApiVersion 2.x
   */

require(['N/certificateControl'], function(cc){
    var usages = cc.findUsages({
        id: 'custcertificate_china',
            operation: cc.Operation.POST
       });
}) 

          

Create, Modify, and Save Certificate Record Based on a File in the File Cabinet

The following sample shows how to create a file object by loading a file from the File Cabinet. It then creates the options needed for the certificateControl.createCertificate(options) method and creates and saves the certificate record. The certificate record is then loaded again, edited to the change the file, and saved again.

Note:

This sample script uses the require function so that you can copy it into the SuiteScript Debugger and test it. You must use the define function in an entry point script (the script you attach to a script record and deploy). For more information, see SuiteScript 2.x Script Basics and SuiteScript 2.x Script Types.

            /**
 * @NApiVersion 2.x
   */

require(['N/certificateControl','N/file'],function(cc, file){
    var fileObj = file.load({
        id: 'SuiteScripts/dsa.p12'
    });
    var options = {
        file : fileObj,
        password : '022b490ad4334c7e86a8304f937ec68f',
        name : 'testCert',
        description : 'testDescription',
        scriptId : '_testid',
        subsidiaries : [1,3],
        weekReminder : false,
        monthReminder : true,
        threeMonthsReminder : false
    };
    var newCertificate = cc.createCertificate(options);
    newCertificate.save();
 
    var loadedCertificate = cc.loadCertificate({
           scriptId : 'custcertificate_testid'
    });
    fileObj = file.load({
        id: 'SuiteScripts/ecdsa.p12'
    });
    loadedCertificate.file = fileObj;
    loadedCertificate.password = '022b490ad4334c7e86a8304f937ec68f';
    loadedCertificate.save();
}) 

          

Find and Use an Existing Certificate Record

The following sample shows how to find an existing certificate record and use it in an operation.

Note:

This sample script uses the require function so that you can copy it into the SuiteScript Debugger and test it. You must use the define function in an entry point script (the script you attach to a script record and deploy). For more information, see SuiteScript 2.x Script Basics and SuiteScript 2.x Script Types.

            /**
 * @NApiVersion 2.x
   */

require(['N/certificateControl','N/https/clientCertificate'],function(cc, cert){
    var yodlee = cc.findCertificates({
        name: 'Yodlee',
        description: 'Yodlee certificate' 
    });
    cert.post({
        certId:yodlee[0].id,
        url:'url',
        body:'body',
        headers:'headers'
    });
}) 

          

Generate Signature of a Plain Text String and Verify the Signature Using the Same Certificate

The following sample shows how to generate a signature of a plaintext string and then verifies the signature using the same certificate.

Note:

This sample script uses the require function so that you can copy it into the SuiteScript Debugger and test it. You must use the define function in an entry point script (the script you attach to a script record and deploy). For more information, see SuiteScript 2.x Script Basics and SuiteScript 2.x Script Types.

            /**
 * @NApiVersion 2.x
 */

require(['N/certificateControl','N/crypto/certificate'], function(cc, certificate){
    var signer = certificate.createSigner({
        certId:'custcertficiate_cert_1',
        algorithm: 'SHA256'
        });
    var result = signer.sign();
    var verifier = certificate.createVerifier({
        certId: 'custcertificate_cert_1',
        algorithm: 'SHA256'
        });
    verifier.update('test');
    verifier.verify(result);
}) 

          

The res variable returns an array of information about the usage of the digital certificate, including the date of the action, the type of operation, such as sign, and the internal ID of the person who performed the action.

Establish an SFTP Connection Using an SSH Key

The following sample establishes a SFTP connection using an SSH key that has already been uploaded to NetSuite. It then creates, updates, loads, and deletes a certificate record to show the full CRUD operation. Replace the server URL with your correct URL.

For the SFTP connection, the public key corresponding to the private key in the certificate must be stored in the .ssh/authorized_keys file on the server.

Note:

This sample script uses the require function so that you can copy it into the SuiteScript Debugger and test it. You must use the define function in an entry point script (the script you attach to a script record and deploy). For more information, see SuiteScript 2.x Script Basics and SuiteScript 2.x Script Types.

            /**
 * @NApiVersion 2.x
 */

require(['N/file', 'N/sftp', 'N/certificateControl'], function(file, sftp, certificateControl) {
    var certPath = 'yyy/certificates'
    var certName = 'apiclient_cert.p12';

    // Establish SFTP connection
    var connection = sftp.createConnection({
        username: 'sftpuser',
        keyId: 'custkeysftp_nft_demo_key',
        url: 'my.sftp.example.com',
        port: 22,
        directory: 'inbound',
        hostKey: 'AAAAB3NzaC1yc2EAAAADAQABAAABAQC4gYD1K4lE9QnuYEgRRQChjrAM1+bTT95e71Xv0oQ60ywVQEiedhRqSMbPiCPPB4pjpBdOmPIQCCkug+3XwAQ6uNj3UM11zoGGmg86tyEJT6qGB0SsrQJzHTb3EG38BSrBO0WEzOWeJ8E8YODT3oAj1Nrf8Ls3JbGObRF+0uwJDIllSrFkYS3kWCV27NhBnaytGe7iLBgrJdNVlitNqkxZfK0NsAYCaJWQjQLtz+GFfN5zTbKKNsDa6s/YW7oAMMOI3Q5GQAqdXtKY728WvxYTjr2FsYS/KM6nbq/csTvZHWLE0z2TQtB2H0IIofvEP/QvXwmgEnCeVPcNgRwdHWQf'
    });
// ------------------------------------------------------------------------

// Create new certificate   
    var certScriptId = '_' + (Math.random().toString(36).substring(2, 10));
    var cert = certificateControl.createCertificate();
    cert.name = 'Test Certificate China API';
    cert.description = 'Test Certificate China created using API';
// custcertificate prefix will be added automatically
    cert.scriptId = certScriptId;
    cert.file = connection.download({ 
        directory: certPath,
        filename: certName
    });
//guid corresponding to the certificate's password';
    var pwd = '022b490ad4334c7e86a8304f937ec68f'; 
    cert.password = pwd;
    cert.save();
/**/certScriptId = 'custcertificate' + certScriptId;
    log.debug('Certificate "' + cert.name + '" successfuly created with id "' + certScriptId + '"!');
// ------------------------------------------------------------------------
// Rename certificate
    cert = certificateControl.loadCertificate({scriptId: certScriptId});
    cert.name = 'Test Certificate China API TEMP';
    cert.save();
// Verify new certificate name
/**/cert = certificateControl.loadCertificate({scriptId: certScriptId});
    log.debug('Certificate successfully renamed to "' + cert.name + '"');
// ------------------------------------------------------------------------
// Delete certificate
    certificateControl.deleteCertificate(certScriptId);
    log.debug('Certificate deleted!');
// ------------------------------------------------------------------------
// Load the deleted certificate
    // attempt to load the deleted certificate - this should error
    try {
        cert = certificateControl.loadCertificate({scriptId: certScriptId});
    } 
    catch (e) {
        log.error(e.message);
    }
}) 

          

General Notices