1e41f4b71Sopenharmony_ci# @ohos.security.certManager (Certificate Management) (System API) 2e41f4b71Sopenharmony_ci 3e41f4b71Sopenharmony_ciThe **certManager** module provides system-level certificate management capabilities to ensure secure use and management of certificates throughout their lifecycle (installation, storage, use, and destruction). 4e41f4b71Sopenharmony_ci 5e41f4b71Sopenharmony_ci> **NOTE** 6e41f4b71Sopenharmony_ci> 7e41f4b71Sopenharmony_ci> - The initial APIs of this module are supported since API version 11. Newly added APIs will be marked with a superscript to indicate their earliest API version. 8e41f4b71Sopenharmony_ci> - This topic describes only the system APIs provided by the module. For details about its public APIs, see [@ohos.security.certManager (Certificate Management)](js-apis-certManager.md). 9e41f4b71Sopenharmony_ci 10e41f4b71Sopenharmony_ci## Modules to Import 11e41f4b71Sopenharmony_ci 12e41f4b71Sopenharmony_ci```ts 13e41f4b71Sopenharmony_ciimport { certificateManager } from '@kit.DeviceCertificateKit'; 14e41f4b71Sopenharmony_ci``` 15e41f4b71Sopenharmony_ci 16e41f4b71Sopenharmony_ci## CMErrorCode 17e41f4b71Sopenharmony_ci 18e41f4b71Sopenharmony_ciEnumerates the error codes used in the certificate management APIs. 19e41f4b71Sopenharmony_ci 20e41f4b71Sopenharmony_ci**System capability**: System SystemCapability.Security.CertificateManager 21e41f4b71Sopenharmony_ci 22e41f4b71Sopenharmony_ci| Name | Value | Description | 23e41f4b71Sopenharmony_ci| ---------- | ------ | --------- | 24e41f4b71Sopenharmony_ci| CM_ERROR_NOT_SYSTEM_APP | 202 | The caller is not a system application.<br>**System API**: This is a system API. | 25e41f4b71Sopenharmony_ci 26e41f4b71Sopenharmony_ci## certificateManager.getAllAppPrivateCertificates 27e41f4b71Sopenharmony_ci 28e41f4b71Sopenharmony_cigetAllAppPrivateCertificates(callback: AsyncCallback\<CMResult>): void 29e41f4b71Sopenharmony_ci 30e41f4b71Sopenharmony_ciObtains all private credentials. This API uses an asynchronous callback to return the result. 31e41f4b71Sopenharmony_ci 32e41f4b71Sopenharmony_ci**Required permissions**: ohos.permission.ACCESS_CERT_MANAGER and ohos.permission.ACCESS_CERT_MANAGER_INTERNAL 33e41f4b71Sopenharmony_ci 34e41f4b71Sopenharmony_ci**System capability**: System SystemCapability.Security.CertificateManager 35e41f4b71Sopenharmony_ci 36e41f4b71Sopenharmony_ci**System API**: This is a system API. 37e41f4b71Sopenharmony_ci 38e41f4b71Sopenharmony_ci**Parameters** 39e41f4b71Sopenharmony_ci 40e41f4b71Sopenharmony_ci| Name | Type | Mandatory | Description | 41e41f4b71Sopenharmony_ci| -------- | ----------------------------------------------------------- | ---- | ------------------------------------------------------------ | 42e41f4b71Sopenharmony_ci| callback | AsyncCallback\<[CMResult](js-apis-certManager.md#cmresult)> | Yes | Callback used to return the result. If the operation is successful, **err** is **null** and **data** is **credentialList** in the [CMResult](#cmresult) object. Otherwise, **err** is an error object. | 43e41f4b71Sopenharmony_ci 44e41f4b71Sopenharmony_ci**Error codes** 45e41f4b71Sopenharmony_ci 46e41f4b71Sopenharmony_ciFor details about the following error codes, see [Certificate Management Error Codes](errorcode-certManager.md). 47e41f4b71Sopenharmony_ci 48e41f4b71Sopenharmony_ci| ID | Error Message | 49e41f4b71Sopenharmony_ci| -------- | ------------------------------------------------------------ | 50e41f4b71Sopenharmony_ci| 201 | Permission verification failed. The application does not have the permission required to call the API. | 51e41f4b71Sopenharmony_ci| 202 | Permission verification failed. A non-system application calls a system API. | 52e41f4b71Sopenharmony_ci| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | 53e41f4b71Sopenharmony_ci| 17500001 | Internal error. | 54e41f4b71Sopenharmony_ci 55e41f4b71Sopenharmony_ci**Example** 56e41f4b71Sopenharmony_ci```ts 57e41f4b71Sopenharmony_ciimport { certificateManager } from '@kit.DeviceCertificateKit'; 58e41f4b71Sopenharmony_ci 59e41f4b71Sopenharmony_citry { 60e41f4b71Sopenharmony_ci certificateManager.getAllAppPrivateCertificates((err, cmResult) => { 61e41f4b71Sopenharmony_ci if (err != null) { 62e41f4b71Sopenharmony_ci console.error(`Failed to get all app private certificates. Code: ${err.code}, message: ${err.message}`); 63e41f4b71Sopenharmony_ci } else { 64e41f4b71Sopenharmony_ci if (cmResult.credentialList == undefined) { 65e41f4b71Sopenharmony_ci console.info('The result of getting all app private certificates is undefined.'); 66e41f4b71Sopenharmony_ci } else { 67e41f4b71Sopenharmony_ci let list = cmResult.credentialList; 68e41f4b71Sopenharmony_ci console.info('Succeeded in getting all app private certificates.'); 69e41f4b71Sopenharmony_ci } 70e41f4b71Sopenharmony_ci } 71e41f4b71Sopenharmony_ci }); 72e41f4b71Sopenharmony_ci} catch (error) { 73e41f4b71Sopenharmony_ci console.error(`Failed to get all app private certificates. Code: ${error.code}, message: ${error.message}`); 74e41f4b71Sopenharmony_ci} 75e41f4b71Sopenharmony_ci``` 76e41f4b71Sopenharmony_ci 77e41f4b71Sopenharmony_ci## certificateManager.getAllAppPrivateCertificates 78e41f4b71Sopenharmony_ci 79e41f4b71Sopenharmony_cigetAllAppPrivateCertificates(): Promise\<CMResult> 80e41f4b71Sopenharmony_ci 81e41f4b71Sopenharmony_ciObtains all private credentials. This API uses a promise to return the result. 82e41f4b71Sopenharmony_ci 83e41f4b71Sopenharmony_ci**Required permissions**: ohos.permission.ACCESS_CERT_MANAGER and ohos.permission.ACCESS_CERT_MANAGER_INTERNAL 84e41f4b71Sopenharmony_ci 85e41f4b71Sopenharmony_ci**System capability**: System SystemCapability.Security.CertificateManager 86e41f4b71Sopenharmony_ci 87e41f4b71Sopenharmony_ci**System API**: This is a system API. 88e41f4b71Sopenharmony_ci 89e41f4b71Sopenharmony_ci**Return value** 90e41f4b71Sopenharmony_ci 91e41f4b71Sopenharmony_ci| Type | Description | 92e41f4b71Sopenharmony_ci| ----------------------------------------------------- | ------------------------------------------------------------ | 93e41f4b71Sopenharmony_ci| Promise\<[CMResult](js-apis-certManager.md#cmresult)> | Promise used to return all the private credentials obtained, that is, **credentialList** in the [CMResult](#cmresult) object. | 94e41f4b71Sopenharmony_ci 95e41f4b71Sopenharmony_ci**Error codes** 96e41f4b71Sopenharmony_ci 97e41f4b71Sopenharmony_ciFor details about the following error codes, see [Certificate Management Error Codes](errorcode-certManager.md). 98e41f4b71Sopenharmony_ci 99e41f4b71Sopenharmony_ci| ID | Error Message | 100e41f4b71Sopenharmony_ci| -------- | ------------- | 101e41f4b71Sopenharmony_ci| 201 | Permission verification failed. The application does not have the permission required to call the API. | 102e41f4b71Sopenharmony_ci| 202 | Permission verification failed. A non-system application calls a system API. | 103e41f4b71Sopenharmony_ci| 17500001 | Internal error. | 104e41f4b71Sopenharmony_ci 105e41f4b71Sopenharmony_ci**Example** 106e41f4b71Sopenharmony_ci```ts 107e41f4b71Sopenharmony_ciimport { certificateManager } from '@kit.DeviceCertificateKit'; 108e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 109e41f4b71Sopenharmony_ci 110e41f4b71Sopenharmony_citry { 111e41f4b71Sopenharmony_ci certificateManager.getAllAppPrivateCertificates().then((cmResult) => { 112e41f4b71Sopenharmony_ci if (cmResult.credentialList == undefined) { 113e41f4b71Sopenharmony_ci console.info('The result of getting all app private certificates is undefined.'); 114e41f4b71Sopenharmony_ci } else { 115e41f4b71Sopenharmony_ci let list = cmResult.credentialList; 116e41f4b71Sopenharmony_ci console.info('Succeeded in getting all app private certificates.'); 117e41f4b71Sopenharmony_ci } 118e41f4b71Sopenharmony_ci }).catch((err: BusinessError) => { 119e41f4b71Sopenharmony_ci console.error(`Failed to get all app private certificates. Code: ${err.code}, message: ${err.message}`); 120e41f4b71Sopenharmony_ci }) 121e41f4b71Sopenharmony_ci} catch (error) { 122e41f4b71Sopenharmony_ci console.error(`Failed to get all app private certificates. Code: ${error.code}, message: ${error.message}`); 123e41f4b71Sopenharmony_ci} 124e41f4b71Sopenharmony_ci``` 125e41f4b71Sopenharmony_ci 126e41f4b71Sopenharmony_ci## certificateManager.getAllSystemAppCertificates<sup>12+</sup> 127e41f4b71Sopenharmony_ci 128e41f4b71Sopenharmony_cigetAllSystemAppCertificates(): Promise\<CMResult> 129e41f4b71Sopenharmony_ci 130e41f4b71Sopenharmony_ciObtains all system credentials. This API uses a promise to return the result. 131e41f4b71Sopenharmony_ci 132e41f4b71Sopenharmony_ci**Required permissions**: ohos.permission.ACCESS_CERT_MANAGER 133e41f4b71Sopenharmony_ci 134e41f4b71Sopenharmony_ci**System capability**: System SystemCapability.Security.CertificateManager 135e41f4b71Sopenharmony_ci 136e41f4b71Sopenharmony_ci**System API**: This is a system API. 137e41f4b71Sopenharmony_ci 138e41f4b71Sopenharmony_ci**Return value** 139e41f4b71Sopenharmony_ci 140e41f4b71Sopenharmony_ci| Type | Description | 141e41f4b71Sopenharmony_ci| ----------------------------------------------------- | ------------------------------------------------------------ | 142e41f4b71Sopenharmony_ci| Promise\<[CMResult](js-apis-certManager.md#cmresult)> | Promise used to return all the system credentials obtained, that is, **credentialList** in the [CMResult](#cmresult) object. | 143e41f4b71Sopenharmony_ci 144e41f4b71Sopenharmony_ci**Error codes** 145e41f4b71Sopenharmony_ci 146e41f4b71Sopenharmony_ciFor details about the following error codes, see [Certificate Management Error Codes](errorcode-certManager.md). 147e41f4b71Sopenharmony_ci 148e41f4b71Sopenharmony_ci| ID | Error Message | 149e41f4b71Sopenharmony_ci| -------- | ------------- | 150e41f4b71Sopenharmony_ci| 201 | Permission verification failed. The application does not have the permission required to call the API. | 151e41f4b71Sopenharmony_ci| 202 | Permission verification failed. A non-system application calls a system API. | 152e41f4b71Sopenharmony_ci| 17500001 | Internal error. | 153e41f4b71Sopenharmony_ci 154e41f4b71Sopenharmony_ci**Example** 155e41f4b71Sopenharmony_ci```ts 156e41f4b71Sopenharmony_ciimport { certificateManager } from '@kit.DeviceCertificateKit'; 157e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 158e41f4b71Sopenharmony_ci 159e41f4b71Sopenharmony_citry { 160e41f4b71Sopenharmony_ci certificateManager.getAllSystemAppCertificates().then((cmResult) => { 161e41f4b71Sopenharmony_ci if (cmResult.credentialList == undefined) { 162e41f4b71Sopenharmony_ci console.info('The result of getting all system app certificates is undefined.'); 163e41f4b71Sopenharmony_ci } else { 164e41f4b71Sopenharmony_ci let list = cmResult.credentialList; 165e41f4b71Sopenharmony_ci console.info('Succeeded in getting all system app certificates.'); 166e41f4b71Sopenharmony_ci } 167e41f4b71Sopenharmony_ci }).catch((err: BusinessError) => { 168e41f4b71Sopenharmony_ci console.error(`Failed to get all system app certificates. Code: ${err.code}, message: ${err.message}`); 169e41f4b71Sopenharmony_ci }) 170e41f4b71Sopenharmony_ci} catch (error) { 171e41f4b71Sopenharmony_ci console.error(`Failed to get all system app certificates. Code: ${error.code}, message: ${error.message}`); 172e41f4b71Sopenharmony_ci} 173e41f4b71Sopenharmony_ci``` 174