Interface ICfnCertificateProps
Properties for defining a CfnCertificate
.
Namespace: Amazon.CDK.AWS.ACMPCA
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public interface ICfnCertificateProps
Syntax (vb)
Public Interface ICfnCertificateProps
Remarks
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-acmpca-certificate.html
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.ACMPCA;
var cfnCertificateProps = new CfnCertificateProps {
CertificateAuthorityArn = "certificateAuthorityArn",
CertificateSigningRequest = "certificateSigningRequest",
SigningAlgorithm = "signingAlgorithm",
Validity = new ValidityProperty {
Type = "type",
Value = 123
},
// the properties below are optional
ApiPassthrough = new ApiPassthroughProperty {
Extensions = new ExtensionsProperty {
CertificatePolicies = new [] { new PolicyInformationProperty {
CertPolicyId = "certPolicyId",
// the properties below are optional
PolicyQualifiers = new [] { new PolicyQualifierInfoProperty {
PolicyQualifierId = "policyQualifierId",
Qualifier = new QualifierProperty {
CpsUri = "cpsUri"
}
} }
} },
CustomExtensions = new [] { new CustomExtensionProperty {
ObjectIdentifier = "objectIdentifier",
Value = "value",
// the properties below are optional
Critical = false
} },
ExtendedKeyUsage = new [] { new ExtendedKeyUsageProperty {
ExtendedKeyUsageObjectIdentifier = "extendedKeyUsageObjectIdentifier",
ExtendedKeyUsageType = "extendedKeyUsageType"
} },
KeyUsage = new KeyUsageProperty {
CrlSign = false,
DataEncipherment = false,
DecipherOnly = false,
DigitalSignature = false,
EncipherOnly = false,
KeyAgreement = false,
KeyCertSign = false,
KeyEncipherment = false,
NonRepudiation = false
},
SubjectAlternativeNames = new [] { new GeneralNameProperty {
DirectoryName = new SubjectProperty {
CommonName = "commonName",
Country = "country",
CustomAttributes = new [] { new CustomAttributeProperty {
ObjectIdentifier = "objectIdentifier",
Value = "value"
} },
DistinguishedNameQualifier = "distinguishedNameQualifier",
GenerationQualifier = "generationQualifier",
GivenName = "givenName",
Initials = "initials",
Locality = "locality",
Organization = "organization",
OrganizationalUnit = "organizationalUnit",
Pseudonym = "pseudonym",
SerialNumber = "serialNumber",
State = "state",
Surname = "surname",
Title = "title"
},
DnsName = "dnsName",
EdiPartyName = new EdiPartyNameProperty {
NameAssigner = "nameAssigner",
PartyName = "partyName"
},
IpAddress = "ipAddress",
OtherName = new OtherNameProperty {
TypeId = "typeId",
Value = "value"
},
RegisteredId = "registeredId",
Rfc822Name = "rfc822Name",
UniformResourceIdentifier = "uniformResourceIdentifier"
} }
},
Subject = new SubjectProperty {
CommonName = "commonName",
Country = "country",
CustomAttributes = new [] { new CustomAttributeProperty {
ObjectIdentifier = "objectIdentifier",
Value = "value"
} },
DistinguishedNameQualifier = "distinguishedNameQualifier",
GenerationQualifier = "generationQualifier",
GivenName = "givenName",
Initials = "initials",
Locality = "locality",
Organization = "organization",
OrganizationalUnit = "organizationalUnit",
Pseudonym = "pseudonym",
SerialNumber = "serialNumber",
State = "state",
Surname = "surname",
Title = "title"
}
},
TemplateArn = "templateArn",
ValidityNotBefore = new ValidityProperty {
Type = "type",
Value = 123
}
};
Synopsis
Properties
ApiPassthrough | Specifies X.509 certificate information to be included in the issued certificate. An |
CertificateAuthorityArn | The Amazon Resource Name (ARN) for the private CA issues the certificate. |
CertificateSigningRequest | The certificate signing request (CSR) for the certificate. |
SigningAlgorithm | The name of the algorithm that will be used to sign the certificate to be issued. |
TemplateArn | Specifies a custom configuration template to use when issuing a certificate. |
Validity | The period of time during which the certificate will be valid. |
ValidityNotBefore | Information describing the start of the validity period of the certificate. |
Properties
ApiPassthrough
Specifies X.509 certificate information to be included in the issued certificate. An APIPassthrough
or APICSRPassthrough
template variant must be selected, or else this parameter is ignored.
virtual object ApiPassthrough { get; }
Property Value
System.Object
Remarks
CertificateAuthorityArn
The Amazon Resource Name (ARN) for the private CA issues the certificate.
string CertificateAuthorityArn { get; }
Property Value
System.String
Remarks
CertificateSigningRequest
The certificate signing request (CSR) for the certificate.
string CertificateSigningRequest { get; }
Property Value
System.String
Remarks
SigningAlgorithm
The name of the algorithm that will be used to sign the certificate to be issued.
string SigningAlgorithm { get; }
Property Value
System.String
Remarks
This parameter should not be confused with the SigningAlgorithm
parameter used to sign a CSR in the CreateCertificateAuthority
action.
The specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key.
TemplateArn
Specifies a custom configuration template to use when issuing a certificate.
virtual string TemplateArn { get; }
Property Value
System.String
Remarks
If this parameter is not provided, AWS Private CA defaults to the EndEntityCertificate/V1
template. For more information about AWS Private CA templates, see Using Templates .
Validity
The period of time during which the certificate will be valid.
object Validity { get; }
Property Value
System.Object
Remarks
ValidityNotBefore
Information describing the start of the validity period of the certificate.
virtual object ValidityNotBefore { get; }
Property Value
System.Object
Remarks
This parameter sets the “Not Before" date for the certificate.
By default, when issuing a certificate, AWS Private CA sets the "Not Before" date to the issuance time minus 60 minutes. This compensates for clock inconsistencies across computer systems. The ValidityNotBefore
parameter can be used to customize the “Not Before” value.
Unlike the Validity
parameter, the ValidityNotBefore
parameter is optional.
The ValidityNotBefore
value is expressed as an explicit date and time, using the Validity
type value ABSOLUTE
.