Interface CreateCertificateOptions

interface CreateCertificateOptions {
    certificate: ArrayBuffer;
    rootKey: ArrayBuffer;
    canisterId: types.Principal;
    blsVerify?: VerifyFunc;
    maxAgeInMinutes?: number;
}

Properties

certificate: ArrayBuffer

The bytes encoding the certificate to be verified

rootKey: ArrayBuffer

The root key against which to verify the certificate (normally, the root key of the IC main network)

canisterId: types.Principal

The effective canister ID of the request when verifying a response, or the signing canister ID when verifying a certified variable.

blsVerify?: VerifyFunc

BLS Verification strategy. Default strategy uses bls12_381 from @noble/curves

maxAgeInMinutes?: number

The maximum age of the certificate in minutes. Default is 5 minutes.

Default

5
This is used to verify the time the certificate was signed, particularly for validating Delegation certificates, which can live for longer than the default window of +/- 5 minutes. If the certificate is
older than the specified age, it will fail verification.