AWS Certificate Manager
API Reference (API Version 2015-12-08)

The AWS Documentation website is getting a new look!
Try it now and let us know what you think. Switch to the new look >>

You can return to the original look by selecting English in the language selector above.

ExtendedKeyUsage

The Extended Key Usage X.509 v3 extension defines one or more purposes for which the public key can be used. This is in addition to or in place of the basic purposes specified by the Key Usage extension.

Contents

Note

In the following list, the required parameters are described first.

Name

The name of an Extended Key Usage value.

Type: String

Valid Values: TLS_WEB_SERVER_AUTHENTICATION | TLS_WEB_CLIENT_AUTHENTICATION | CODE_SIGNING | EMAIL_PROTECTION | TIME_STAMPING | OCSP_SIGNING | IPSEC_END_SYSTEM | IPSEC_TUNNEL | IPSEC_USER | ANY | NONE | CUSTOM

Required: No

OID

An object identifier (OID) for the extension value. OIDs are strings of numbers separated by periods. The following OIDs are defined in RFC 3280 and RFC 5280.

  • 1.3.6.1.5.5.7.3.1 (TLS_WEB_SERVER_AUTHENTICATION)

  • 1.3.6.1.5.5.7.3.2 (TLS_WEB_CLIENT_AUTHENTICATION)

  • 1.3.6.1.5.5.7.3.3 (CODE_SIGNING)

  • 1.3.6.1.5.5.7.3.4 (EMAIL_PROTECTION)

  • 1.3.6.1.5.5.7.3.8 (TIME_STAMPING)

  • 1.3.6.1.5.5.7.3.9 (OCSP_SIGNING)

  • 1.3.6.1.5.5.7.3.5 (IPSEC_END_SYSTEM)

  • 1.3.6.1.5.5.7.3.6 (IPSEC_TUNNEL)

  • 1.3.6.1.5.5.7.3.7 (IPSEC_USER)

Type: String

Required: No

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following:

On this page: