@Generated(value="jsii-pacmak/1.50.0 (build d1830a4)", date="2022-01-04T15:39:01.296Z") @Stability(value=Stable) public interface CfnCertificateAuthorityProps extends software.amazon.jsii.JsiiSerializable
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import software.amazon.awscdk.services.acmpca.*;
CfnCertificateAuthorityProps cfnCertificateAuthorityProps = CfnCertificateAuthorityProps.builder()
.keyAlgorithm("keyAlgorithm")
.signingAlgorithm("signingAlgorithm")
.subject(SubjectProperty.builder()
.commonName("commonName")
.country("country")
.distinguishedNameQualifier("distinguishedNameQualifier")
.generationQualifier("generationQualifier")
.givenName("givenName")
.initials("initials")
.locality("locality")
.organization("organization")
.organizationalUnit("organizationalUnit")
.pseudonym("pseudonym")
.serialNumber("serialNumber")
.state("state")
.surname("surname")
.title("title")
.build())
.type("type")
// the properties below are optional
.csrExtensions(CsrExtensionsProperty.builder()
.keyUsage(KeyUsageProperty.builder()
.crlSign(false)
.dataEncipherment(false)
.decipherOnly(false)
.digitalSignature(false)
.encipherOnly(false)
.keyAgreement(false)
.keyCertSign(false)
.keyEncipherment(false)
.nonRepudiation(false)
.build())
.subjectInformationAccess(List.of(AccessDescriptionProperty.builder()
.accessLocation(GeneralNameProperty.builder()
.directoryName(SubjectProperty.builder()
.commonName("commonName")
.country("country")
.distinguishedNameQualifier("distinguishedNameQualifier")
.generationQualifier("generationQualifier")
.givenName("givenName")
.initials("initials")
.locality("locality")
.organization("organization")
.organizationalUnit("organizationalUnit")
.pseudonym("pseudonym")
.serialNumber("serialNumber")
.state("state")
.surname("surname")
.title("title")
.build())
.dnsName("dnsName")
.ediPartyName(EdiPartyNameProperty.builder()
.nameAssigner("nameAssigner")
.partyName("partyName")
.build())
.ipAddress("ipAddress")
.otherName(OtherNameProperty.builder()
.typeId("typeId")
.value("value")
.build())
.registeredId("registeredId")
.rfc822Name("rfc822Name")
.uniformResourceIdentifier("uniformResourceIdentifier")
.build())
.accessMethod(AccessMethodProperty.builder()
.accessMethodType("accessMethodType")
.customObjectIdentifier("customObjectIdentifier")
.build())
.build()))
.build())
.keyStorageSecurityStandard("keyStorageSecurityStandard")
.revocationConfiguration(RevocationConfigurationProperty.builder()
.crlConfiguration(CrlConfigurationProperty.builder()
.customCname("customCname")
.enabled(false)
.expirationInDays(123)
.s3BucketName("s3BucketName")
.s3ObjectAcl("s3ObjectAcl")
.build())
.ocspConfiguration(OcspConfigurationProperty.builder()
.enabled(false)
.ocspCustomCname("ocspCustomCname")
.build())
.build())
.tags(List.of(CfnTag.builder()
.key("key")
.value("value")
.build()))
.build();
| Modifier and Type | Interface and Description |
|---|---|
static class |
CfnCertificateAuthorityProps.Builder
A builder for
CfnCertificateAuthorityProps |
static class |
CfnCertificateAuthorityProps.Jsii$Proxy
An implementation for
CfnCertificateAuthorityProps |
| Modifier and Type | Method and Description |
|---|---|
static CfnCertificateAuthorityProps.Builder |
builder() |
default Object |
getCsrExtensions()
Specifies information to be added to the extension section of the certificate signing request (CSR).
|
String |
getKeyAlgorithm()
Type of the public key algorithm and size, in bits, of the key pair that your CA creates when it issues a certificate.
|
default String |
getKeyStorageSecurityStandard()
Specifies a cryptographic key management compliance standard used for handling CA keys.
|
default Object |
getRevocationConfiguration()
Information about the certificate revocation list (CRL) created and maintained by your private CA.
|
String |
getSigningAlgorithm()
Name of the algorithm your private CA uses to sign certificate requests.
|
Object |
getSubject()
Structure that contains X.500 distinguished name information for your private CA.
|
default List<CfnTag> |
getTags()
Key-value pairs that will be attached to the new private CA.
|
String |
getType()
Type of your private CA.
|
@Stability(value=Stable) @NotNull String getKeyAlgorithm()
When you create a subordinate CA, you must use a key algorithm supported by the parent CA.
@Stability(value=Stable) @NotNull String getSigningAlgorithm()
This parameter should not be confused with the SigningAlgorithm parameter used to sign certificates when they are issued.
@Stability(value=Stable) @NotNull Object getSubject()
@Stability(value=Stable) @NotNull String getType()
@Stability(value=Stable) @Nullable default Object getCsrExtensions()
@Stability(value=Stable) @Nullable default String getKeyStorageSecurityStandard()
Default: FIPS_140_2_LEVEL_3_OR_HIGHER
Note: FIPS_140_2_LEVEL_3_OR_HIGHER is not supported in Region ap-northeast-3. When creating a CA in the ap-northeast-3, you must provide FIPS_140_2_LEVEL_2_OR_HIGHER as the argument for KeyStorageSecurityStandard . Failure to do this results in an InvalidArgsException with the message, "A certificate authority cannot be created in this region with the specified security standard."
@Stability(value=Stable) @Nullable default Object getRevocationConfiguration()
Certificate revocation information used by the CreateCertificateAuthority and UpdateCertificateAuthority actions. Your certificate authority can create and maintain a certificate revocation list (CRL). A CRL contains information about certificates that have been revoked.
@Stability(value=Stable) @Nullable default List<CfnTag> getTags()
You can associate up to 50 tags with a private CA. For information using tags with IAM to manage permissions, see Controlling Access Using IAM Tags .
@Stability(value=Stable) static CfnCertificateAuthorityProps.Builder builder()
Copyright © 2022. All rights reserved.