Package software.amazon.awssdk.services.acmpca.model

Class CertificateAuthority

    • Method Detail

      • arn

        public final String arn()

        Amazon Resource Name (ARN) for your private certificate authority (CA). The format is 12345678-1234-1234-1234-123456789012 .

        Returns:
        Amazon Resource Name (ARN) for your private certificate authority (CA). The format is 12345678-1234-1234-1234-123456789012 .

      • ownerAccount

        public final String ownerAccount()

        The Amazon Web Services account ID that owns the certificate authority.

        Returns:
        The Amazon Web Services account ID that owns the certificate authority.

      • createdAt

        public final Instant createdAt()

        Date and time at which your private CA was created.

        Returns:
        Date and time at which your private CA was created.

      • lastStateChangeAt

        public final Instant lastStateChangeAt()

        Date and time at which your private CA was last updated.

        Returns:
        Date and time at which your private CA was last updated.

      • serial

        public final String serial()

        Serial number of your private CA.

        Returns:
        Serial number of your private CA.

      • notBefore

        public final Instant notBefore()

        Date and time before which your private CA certificate is not valid.

        Returns:
        Date and time before which your private CA certificate is not valid.

      • notAfter

        public final Instant notAfter()

        Date and time after which your private CA certificate is not valid.

        Returns:
        Date and time after which your private CA certificate is not valid.

      • failureReason

        public final FailureReason failureReason()

        Reason the request to create your private CA failed.

        If the service returns an enum value that is not available in the current SDK version, failureReason will return FailureReason.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from failureReasonAsString().

        Returns:
        Reason the request to create your private CA failed.
        See Also:
        FailureReason

      • failureReasonAsString

        public final String failureReasonAsString()

        Reason the request to create your private CA failed.

        If the service returns an enum value that is not available in the current SDK version, failureReason will return FailureReason.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from failureReasonAsString().

        Returns:
        Reason the request to create your private CA failed.
        See Also:
        FailureReason

      • certificateAuthorityConfiguration

        public final CertificateAuthorityConfiguration certificateAuthorityConfiguration()

        Your private CA configuration.

        Returns:
        Your private CA configuration.

      • revocationConfiguration

        public final RevocationConfiguration revocationConfiguration()

        Information about the Online Certificate Status Protocol (OCSP) configuration or certificate revocation list (CRL) created and maintained by your private CA.

        Returns:
        Information about the Online Certificate Status Protocol (OCSP) configuration or certificate revocation list (CRL) created and maintained by your private CA.

      • restorableUntil

        public final Instant restorableUntil()

        The period during which a deleted CA can be restored. For more information, see the PermanentDeletionTimeInDays parameter of the DeleteCertificateAuthorityRequest action.

        Returns:
        The period during which a deleted CA can be restored. For more information, see the PermanentDeletionTimeInDays parameter of the DeleteCertificateAuthorityRequest action.

      • keyStorageSecurityStandard

        public final KeyStorageSecurityStandard keyStorageSecurityStandard()

        Defines a cryptographic key management compliance standard used for handling CA keys.

        Default: FIPS_140_2_LEVEL_3_OR_HIGHER

        Note: Amazon Web Services Region ap-northeast-3 supports only FIPS_140_2_LEVEL_2_OR_HIGHER. You must explicitly specify this parameter and value when creating a CA in that Region. Specifying a different value (or no value) results in an InvalidArgsException with the message "A certificate authority cannot be created in this region with the specified security standard."

        If the service returns an enum value that is not available in the current SDK version, keyStorageSecurityStandard will return KeyStorageSecurityStandard.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from keyStorageSecurityStandardAsString().

        Returns:
        Defines a cryptographic key management compliance standard used for handling CA keys.

        Default: FIPS_140_2_LEVEL_3_OR_HIGHER

        Note: Amazon Web Services Region ap-northeast-3 supports only FIPS_140_2_LEVEL_2_OR_HIGHER. You must explicitly specify this parameter and value when creating a CA in that Region. Specifying a different value (or no value) results in an InvalidArgsException with the message "A certificate authority cannot be created in this region with the specified security standard."

        See Also:
        KeyStorageSecurityStandard

      • keyStorageSecurityStandardAsString

        public final String keyStorageSecurityStandardAsString()

        Defines a cryptographic key management compliance standard used for handling CA keys.

        Default: FIPS_140_2_LEVEL_3_OR_HIGHER

        Note: Amazon Web Services Region ap-northeast-3 supports only FIPS_140_2_LEVEL_2_OR_HIGHER. You must explicitly specify this parameter and value when creating a CA in that Region. Specifying a different value (or no value) results in an InvalidArgsException with the message "A certificate authority cannot be created in this region with the specified security standard."

        If the service returns an enum value that is not available in the current SDK version, keyStorageSecurityStandard will return KeyStorageSecurityStandard.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from keyStorageSecurityStandardAsString().

        Returns:
        Defines a cryptographic key management compliance standard used for handling CA keys.

        Default: FIPS_140_2_LEVEL_3_OR_HIGHER

        Note: Amazon Web Services Region ap-northeast-3 supports only FIPS_140_2_LEVEL_2_OR_HIGHER. You must explicitly specify this parameter and value when creating a CA in that Region. Specifying a different value (or no value) results in an InvalidArgsException with the message "A certificate authority cannot be created in this region with the specified security standard."

        See Also:
        KeyStorageSecurityStandard

      • usageMode

        public final CertificateAuthorityUsageMode usageMode()

        Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly. Short-lived certificate validity is limited to seven days.

        The default value is GENERAL_PURPOSE.

        If the service returns an enum value that is not available in the current SDK version, usageMode will return CertificateAuthorityUsageMode.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from usageModeAsString().

        Returns:
        Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly. Short-lived certificate validity is limited to seven days.

        The default value is GENERAL_PURPOSE.

        See Also:
        CertificateAuthorityUsageMode

      • usageModeAsString

        public final String usageModeAsString()

        Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly. Short-lived certificate validity is limited to seven days.

        The default value is GENERAL_PURPOSE.

        If the service returns an enum value that is not available in the current SDK version, usageMode will return CertificateAuthorityUsageMode.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from usageModeAsString().

        Returns:
        Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly. Short-lived certificate validity is limited to seven days.

        The default value is GENERAL_PURPOSE.

        See Also:
        CertificateAuthorityUsageMode

      • hashCode

        public final int hashCode()
        Overrides:
        hashCode in class Object

      • equals

        public final boolean equals​(Object obj)
        Overrides:
        equals in class Object

      • toString

        public final String toString()
        Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be redacted from this string using a placeholder value.
        Overrides:
        toString in class Object

      • getValueForField

        public final <T> Optional<T> getValueForField​(String fieldName,
                                              Class<T> clazz)