generateReaderRootCertificate
fun generateReaderRootCertificate(readerRootKey: EcPrivateKey, subject: X500Name, serial: ASN1Integer, validFrom: Instant, validUntil: Instant, crlUrl: String): X509Cert
Generates a self-signed reader root certificate.
Note that there are no requirements in ISO/IEC 18013-5:2021 for reader root certificates.
Return
a X509Cert.
Parameters
readerRootKey
the private key.
subject
the value to use for subject and issuer, e.g. "CN=Test Reader Root,C=ZZ".
serial
the serial number to use for the certificate.
validFrom
the point in time the certificate should be valid from.
validUntil
the point in time the certificate should be valid until.
crlUrl
the URL for revocation (see RFC 5280 section 4.2.1.13).