1# @ohos.security.certManager (Certificate Management) (System API)
2
3The **certManager** module provides system-level certificate management capabilities to ensure secure use and management of certificates throughout their lifecycle (installation, storage, use, and destruction).
4
5> **NOTE**
6>
7> - The initial APIs of this module are supported since API version 11. Newly added APIs will be marked with a superscript to indicate their earliest API version.
8> - This topic describes only the system APIs provided by the module. For details about its public APIs, see [@ohos.security.certManager (Certificate Management)](js-apis-certManager.md).
9
10## Modules to Import
11
12```ts
13import { certificateManager } from '@kit.DeviceCertificateKit';
14```
15
16## CMErrorCode
17
18Enumerates the error codes used in the certificate management APIs.
19
20**System capability**: System SystemCapability.Security.CertificateManager
21
22| Name      | Value |  Description     |
23| ---------- | ------ | --------- |
24| CM_ERROR_NOT_SYSTEM_APP   | 202      | The caller is not a system application.<br>**System API**: This is a system API. |
25
26## certificateManager.getAllAppPrivateCertificates
27
28getAllAppPrivateCertificates(callback: AsyncCallback\<CMResult>): void
29
30Obtains all private credentials. This API uses an asynchronous callback to return the result.
31
32**Required permissions**: ohos.permission.ACCESS_CERT_MANAGER and ohos.permission.ACCESS_CERT_MANAGER_INTERNAL
33
34**System capability**: System SystemCapability.Security.CertificateManager
35
36**System API**: This is a system API.
37
38**Parameters**
39
40| Name  | Type                                                       | Mandatory | Description                                                        |
41| -------- | ----------------------------------------------------------- | ---- | ------------------------------------------------------------ |
42| callback | AsyncCallback\<[CMResult](js-apis-certManager.md#cmresult)> | Yes  | Callback used to return the result. If the operation is successful, **err** is **null** and **data** is **credentialList** in the [CMResult](#cmresult) object. Otherwise, **err** is an error object. |
43
44**Error codes**
45
46For details about the following error codes, see [Certificate Management Error Codes](errorcode-certManager.md).
47
48| ID | Error Message                                                    |
49| -------- | ------------------------------------------------------------ |
50| 201 | Permission verification failed. The application does not have the permission required to call the API. |
51| 202 | Permission verification failed. A non-system application calls a system API. |
52| 401      | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. |
53| 17500001 | Internal error. |
54
55**Example**
56```ts
57import { certificateManager } from '@kit.DeviceCertificateKit';
58
59try {
60  certificateManager.getAllAppPrivateCertificates((err, cmResult) => {
61    if (err != null) {
62      console.error(`Failed to get all app private certificates. Code: ${err.code}, message: ${err.message}`);
63    } else {
64      if (cmResult.credentialList == undefined) {
65        console.info('The result of getting all app private certificates is undefined.');
66      } else {
67        let list = cmResult.credentialList;
68        console.info('Succeeded in getting all app private certificates.');
69      }
70    }
71  });
72} catch (error) {
73  console.error(`Failed to get all app private certificates. Code: ${error.code}, message: ${error.message}`);
74}
75```
76
77## certificateManager.getAllAppPrivateCertificates
78
79getAllAppPrivateCertificates(): Promise\<CMResult>
80
81Obtains all private credentials. This API uses a promise to return the result.
82
83**Required permissions**: ohos.permission.ACCESS_CERT_MANAGER and ohos.permission.ACCESS_CERT_MANAGER_INTERNAL
84
85**System capability**: System SystemCapability.Security.CertificateManager
86
87**System API**: This is a system API.
88
89**Return value**
90
91| Type                                                 | Description                                                        |
92| ----------------------------------------------------- | ------------------------------------------------------------ |
93| Promise\<[CMResult](js-apis-certManager.md#cmresult)> | Promise used to return all the private credentials obtained, that is, **credentialList** in the [CMResult](#cmresult) object. |
94
95**Error codes**
96
97For details about the following error codes, see [Certificate Management Error Codes](errorcode-certManager.md).
98
99| ID | Error Message     |
100| -------- | ------------- |
101| 201 | Permission verification failed. The application does not have the permission required to call the API. |
102| 202 | Permission verification failed. A non-system application calls a system API. |
103| 17500001 | Internal error. |
104
105**Example**
106```ts
107import { certificateManager } from '@kit.DeviceCertificateKit';
108import { BusinessError } from '@kit.BasicServicesKit';
109
110try {
111  certificateManager.getAllAppPrivateCertificates().then((cmResult) => {
112    if (cmResult.credentialList == undefined) {
113      console.info('The result of getting all app private certificates is undefined.');
114    } else {
115      let list = cmResult.credentialList;
116      console.info('Succeeded in getting all app private certificates.');
117    }
118  }).catch((err: BusinessError) => {
119    console.error(`Failed to get all app private certificates. Code: ${err.code}, message: ${err.message}`);
120  })
121} catch (error) {
122  console.error(`Failed to get all app private certificates. Code: ${error.code}, message: ${error.message}`);
123}
124```
125
126## certificateManager.getAllSystemAppCertificates<sup>12+</sup>
127
128getAllSystemAppCertificates(): Promise\<CMResult>
129
130Obtains all system credentials. This API uses a promise to return the result.
131
132**Required permissions**: ohos.permission.ACCESS_CERT_MANAGER
133
134**System capability**: System SystemCapability.Security.CertificateManager
135
136**System API**: This is a system API.
137
138**Return value**
139
140| Type                                                 | Description                                                        |
141| ----------------------------------------------------- | ------------------------------------------------------------ |
142| Promise\<[CMResult](js-apis-certManager.md#cmresult)> | Promise used to return all the system credentials obtained, that is, **credentialList** in the [CMResult](#cmresult) object. |
143
144**Error codes**
145
146For details about the following error codes, see [Certificate Management Error Codes](errorcode-certManager.md).
147
148| ID | Error Message     |
149| -------- | ------------- |
150| 201 | Permission verification failed. The application does not have the permission required to call the API. |
151| 202 | Permission verification failed. A non-system application calls a system API. |
152| 17500001 | Internal error. |
153
154**Example**
155```ts
156import { certificateManager } from '@kit.DeviceCertificateKit';
157import { BusinessError } from '@kit.BasicServicesKit';
158
159try {
160  certificateManager.getAllSystemAppCertificates().then((cmResult) => {
161    if (cmResult.credentialList == undefined) {
162      console.info('The result of getting all system app certificates is undefined.');
163    } else {
164      let list = cmResult.credentialList;
165      console.info('Succeeded in getting all system app certificates.');
166    }
167  }).catch((err: BusinessError) => {
168    console.error(`Failed to get all system app certificates. Code: ${err.code}, message: ${err.message}`);
169  })
170} catch (error) {
171  console.error(`Failed to get all system app certificates. Code: ${error.code}, message: ${error.message}`);
172}
173```
174