TemplateV4 - AWS Private CA Connector for Active Directory

TemplateV4

A v4 template schema that can use either Legacy Cryptographic Providers or Key Storage Providers.

Contents

CertificateValidity

Certificate validity describes the validity and renewal periods of a certificate.

Type: CertificateValidity object

Required: Yes

EnrollmentFlags

Enrollment flags describe the enrollment settings for certificates, such as using the existing private key and deleting expired or revoked certificates.

Type: EnrollmentFlagsV4 object

Required: Yes

Extensions

Extensions describe the key usage extensions and application policies for a template.

Type: ExtensionsV4 object

Required: Yes

GeneralFlags

General flags describe whether the template is used for computers or users and whether the template can be used with autoenrollment.

Type: GeneralFlagsV4 object

Required: Yes

PrivateKeyAttributes

Private key attributes allow you to specify the minimal key length, key spec, key usage, and cryptographic providers for the private key of a certificate for v4 templates. V4 templates allow you to use either Key Storage Providers or Legacy Cryptographic Service Providers. You specify the cryptography provider category in private key flags.

Type: PrivateKeyAttributesV4 object

Required: Yes

PrivateKeyFlags

Private key flags for v4 templates specify the client compatibility, whether the private key can be exported, whether user input is required when using a private key, whether an alternate signature algorithm should be used, and whether certificates are renewed using the same private key.

Type: PrivateKeyFlagsV4 object

Required: Yes

SubjectNameFlags

Subject name flags describe the subject name and subject alternate name that are included in a certificate.

Type: SubjectNameFlagsV4 object

Required: Yes

HashAlgorithm

Specifies the hash algorithm used to hash the private key. Hash algorithm can only be specified when using Key Storage Providers.

Type: String

Valid Values: SHA256 | SHA384 | SHA512

Required: No

SupersededTemplates

List of templates in Active Directory that are superseded by this template.

Type: Array of strings

Array Members: Minimum number of 1 item. Maximum number of 100 items.

Length Constraints: Minimum length of 1. Maximum length of 64.

Pattern: ^(?!^\s+$)((?![\x5c'\x2b,;<=>#\x22])([\x20-\x7E]))+$

Required: No
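
The constraints listed above can be checked locally before a template definition is submitted. The following Python validator is an added example, not AWS code: it checks the required members, the HashAlgorithm values and provider restriction, and the SupersededTemplates array, length and pattern constraints. The UseLegacyProvider member name and the sample template names are assumptions that are not defined on this page.

```python
import re

# Constraints copied from the TemplateV4 reference above.
REQUIRED = ("CertificateValidity", "EnrollmentFlags", "Extensions", "GeneralFlags",
            "PrivateKeyAttributes", "PrivateKeyFlags", "SubjectNameFlags")
HASH_ALGORITHMS = {"SHA256", "SHA384", "SHA512"}
NAME_PATTERN = re.compile(r"^(?!^\s+$)((?![\x5c'\x2b,;<=>#\x22])([\x20-\x7E]))+$")


def validate_template_v4(template):
    """Return a list of constraint violations; an empty list means none were found."""
    errors = [f"{m}: required member is missing" for m in REQUIRED if m not in template]

    if "HashAlgorithm" in template:
        if template["HashAlgorithm"] not in HASH_ALGORITHMS:
            errors.append("HashAlgorithm: must be SHA256, SHA384 or SHA512")
        # Assumption: UseLegacyProvider is the PrivateKeyFlagsV4 member that selects
        # the provider category; that member is not defined on this page.
        flags = template.get("PrivateKeyFlags") or {}
        if flags.get("UseLegacyProvider"):
            errors.append("HashAlgorithm: only allowed with Key Storage Providers")

    if "SupersededTemplates" in template:
        names = template["SupersededTemplates"]
        if not isinstance(names, list) or not 1 <= len(names) <= 100:
            errors.append("SupersededTemplates: must be a list of 1 to 100 items")
        else:
            for i, name in enumerate(names):
                if not isinstance(name, str) or not 1 <= len(name) <= 64:
                    errors.append(f"SupersededTemplates[{i}]: length must be 1 to 64")
                # fullmatch also rejects a trailing newline that "$" would tolerate.
                elif not NAME_PATTERN.fullmatch(name):
                    errors.append(f"SupersededTemplates[{i}]: does not match the pattern")
    return errors


# Constructed sample; the nested objects are left empty because their members
# are documented on their own reference pages.
sample = {member: {} for member in REQUIRED}
sample["PrivateKeyFlags"] = {"UseLegacyProvider": True}
sample["HashAlgorithm"] = "SHA256"
sample["SupersededTemplates"] = ["WebServer", "CN=User,OU=Lab", "   "]

if __name__ == "__main__":
    for problem in validate_template_v4(sample):
        print(problem)
```

The pattern excludes backslash, quotes, plus, comma, semicolon, angle brackets, equals and hash, so a distinguished-name style string such as the second sample entry is rejected, as is an entry made only of whitespace.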
