x509.checkIssued(otherCert)
otherCert<X509Certificate>- 返回: <boolean>
通过比较证书元数据,检查此证书是否可能由给定的 otherCert 签发。
【Checks whether this certificate was potentially issued by the given otherCert
by comparing the certificate metadata.】
这对于修剪可能的发行者证书列表很有用,这些证书是通过更基本的筛选方法选择的,即仅根据主体和发行者名称。
【This is useful for pruning a list of possible issuer certificates which have been selected using a more rudimentary filtering routine, i.e. just based on subject and issuer names.】
最后,要验证该证书的签名是否由与 otherCert 的公钥对应的私钥生成,使用 x509.verify(publicKey),并将 otherCert 的公钥表示为 KeyObject,如下所示
【Finally, to verify that this certificate's signature was produced by a private key
corresponding to otherCert's public key use x509.verify(publicKey)
with otherCert's public key represented as a KeyObject
like so】
if (!x509.verify(otherCert.publicKey)) {
throw new Error('otherCert did not issue x509');
}