NAME

OpenXPKI::Server::Workflow::Condition::NICE::UsableTokenForValidity

Description

This condition checks if a CA token is available for a given validity interval. If you do not specify both sides of the interval, you need to pass the profile name so the condition will look up the profile for any notbefore/notafter specification.

The check is usally done with the tokens of the certsign group but you can pass any other registered type name using the token parameter.

Configuration

    class: OpenXPKI::Server::Workflow::Condition::NICE::UsableTokenForValidity
    param:
        _map_cert_profile: $cert_profile
        _map_notbefore: $notbefore
        _map_notafter: $notafter

Parameters

notbefore: The notbefore date, must be any format supported by detect mode of OpenXPKI::DateTime::get_validity. If not given, the profile is checked for any usable value, last resort is always "now".
notafter: The notafterdate, must be any format supported by detect mode of OpenXPKI::DateTime::get_validity. If not given the profile specification is used.
cert_profile: Name of the certificate profile, mandatory only if you do not provide both validity values.
token: The group name of the token, default is certsign.