@Generated(value="jsii-pacmak/1.60.0 (build ebcefe6)",
date="2022-07-01T09:58:29.981Z")
public class CfnCertificate
extends CfnResource
implements IInspectable
The AWS::ACMPCA::Certificate resource is used to issue a certificate using your private certificate authority. For more information, see the IssueCertificate action.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import software.amazon.awscdk.services.acmpca.*;
CfnCertificate cfnCertificate = CfnCertificate.Builder.create(this, "MyCfnCertificate")
.certificateAuthorityArn("certificateAuthorityArn")
.certificateSigningRequest("certificateSigningRequest")
.signingAlgorithm("signingAlgorithm")
.validity(ValidityProperty.builder()
.type("type")
.value(123)
.build())
// the properties below are optional
.apiPassthrough(ApiPassthroughProperty.builder()
.extensions(ExtensionsProperty.builder()
.certificatePolicies(List.of(PolicyInformationProperty.builder()
.certPolicyId("certPolicyId")
// the properties below are optional
.policyQualifiers(List.of(PolicyQualifierInfoProperty.builder()
.policyQualifierId("policyQualifierId")
.qualifier(QualifierProperty.builder()
.cpsUri("cpsUri")
.build())
.build()))
.build()))
.customExtensions(List.of(CustomExtensionProperty.builder()
.objectIdentifier("objectIdentifier")
.value("value")
// the properties below are optional
.critical(false)
.build()))
.extendedKeyUsage(List.of(ExtendedKeyUsageProperty.builder()
.extendedKeyUsageObjectIdentifier("extendedKeyUsageObjectIdentifier")
.extendedKeyUsageType("extendedKeyUsageType")
.build()))
.keyUsage(KeyUsageProperty.builder()
.crlSign(false)
.dataEncipherment(false)
.decipherOnly(false)
.digitalSignature(false)
.encipherOnly(false)
.keyAgreement(false)
.keyCertSign(false)
.keyEncipherment(false)
.nonRepudiation(false)
.build())
.subjectAlternativeNames(List.of(GeneralNameProperty.builder()
.directoryName(SubjectProperty.builder()
.commonName("commonName")
.country("country")
.customAttributes(List.of(CustomAttributeProperty.builder()
.objectIdentifier("objectIdentifier")
.value("value")
.build()))
.distinguishedNameQualifier("distinguishedNameQualifier")
.generationQualifier("generationQualifier")
.givenName("givenName")
.initials("initials")
.locality("locality")
.organization("organization")
.organizationalUnit("organizationalUnit")
.pseudonym("pseudonym")
.serialNumber("serialNumber")
.state("state")
.surname("surname")
.title("title")
.build())
.dnsName("dnsName")
.ediPartyName(EdiPartyNameProperty.builder()
.nameAssigner("nameAssigner")
.partyName("partyName")
.build())
.ipAddress("ipAddress")
.otherName(OtherNameProperty.builder()
.typeId("typeId")
.value("value")
.build())
.registeredId("registeredId")
.rfc822Name("rfc822Name")
.uniformResourceIdentifier("uniformResourceIdentifier")
.build()))
.build())
.subject(SubjectProperty.builder()
.commonName("commonName")
.country("country")
.customAttributes(List.of(CustomAttributeProperty.builder()
.objectIdentifier("objectIdentifier")
.value("value")
.build()))
.distinguishedNameQualifier("distinguishedNameQualifier")
.generationQualifier("generationQualifier")
.givenName("givenName")
.initials("initials")
.locality("locality")
.organization("organization")
.organizationalUnit("organizationalUnit")
.pseudonym("pseudonym")
.serialNumber("serialNumber")
.state("state")
.surname("surname")
.title("title")
.build())
.build())
.templateArn("templateArn")
.validityNotBefore(ValidityProperty.builder()
.type("type")
.value(123)
.build())
.build();
| Modifier and Type | Class and Description |
|---|---|
static interface |
CfnCertificate.ApiPassthroughProperty
Contains X.509 certificate information to be placed in an issued certificate.
|
static class |
CfnCertificate.Builder
A fluent builder for
CfnCertificate. |
static interface |
CfnCertificate.CustomAttributeProperty
Defines the X.500 relative distinguished name (RDN).
|
static interface |
CfnCertificate.CustomExtensionProperty
Specifies the X.509 extension information for a certificate.
|
static interface |
CfnCertificate.EdiPartyNameProperty
Describes an Electronic Data Interchange (EDI) entity as described in as defined in [Subject Alternative Name](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc5280) in RFC 5280.
|
static interface |
CfnCertificate.ExtendedKeyUsageProperty
Specifies additional purposes for which the certified public key may be used other than basic purposes indicated in the `KeyUsage` extension.
|
static interface |
CfnCertificate.ExtensionsProperty
Contains X.509 extension information for a certificate.
|
static interface |
CfnCertificate.GeneralNameProperty
Describes an ASN.1 X.400 `GeneralName` as defined in [RFC 5280](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc5280) .
|
static interface |
CfnCertificate.KeyUsageProperty
Defines one or more purposes for which the key contained in the certificate can be used.
|
static interface |
CfnCertificate.OtherNameProperty
Defines a custom ASN.1 X.400 `GeneralName` using an object identifier (OID) and value.
|
static interface |
CfnCertificate.PolicyInformationProperty
Defines the X.509 `CertificatePolicies` extension.
|
static interface |
CfnCertificate.PolicyQualifierInfoProperty
Modifies the `CertPolicyId` of a `PolicyInformation` object with a qualifier.
|
static interface |
CfnCertificate.QualifierProperty
Defines a `PolicyInformation` qualifier.
|
static interface |
CfnCertificate.SubjectProperty
Contains information about the certificate subject.
|
static interface |
CfnCertificate.ValidityProperty
Length of time for which the certificate issued by your private certificate authority (CA), or by the private CA itself, is valid in days, months, or years.
|
IInspectable.Jsii$Default, IInspectable.Jsii$ProxyIConstruct.Jsii$Default| Modifier and Type | Field and Description |
|---|---|
static java.lang.String |
CFN_RESOURCE_TYPE_NAME
The CloudFormation resource type name for this resource class.
|
| Modifier | Constructor and Description |
|---|---|
|
CfnCertificate(Construct scope,
java.lang.String id,
CfnCertificateProps props)
Create a new `AWS::ACMPCA::Certificate`.
|
protected |
CfnCertificate(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) |
protected |
CfnCertificate(software.amazon.jsii.JsiiObjectRef objRef) |
| Modifier and Type | Method and Description |
|---|---|
java.lang.Object |
getApiPassthrough()
Specifies X.509 certificate information to be included in the issued certificate.
|
java.lang.String |
getAttrArn()
The Amazon Resource Name (ARN) of the issued certificate.
|
java.lang.String |
getAttrCertificate()
The issued Base64 PEM-encoded certificate.
|
java.lang.String |
getCertificateAuthorityArn()
The Amazon Resource Name (ARN) for the private CA issues the certificate.
|
java.lang.String |
getCertificateSigningRequest()
The certificate signing request (CSR) for the certificate.
|
protected java.util.Map<java.lang.String,java.lang.Object> |
getCfnProperties() |
java.lang.String |
getSigningAlgorithm()
The name of the algorithm that will be used to sign the certificate to be issued.
|
java.lang.String |
getTemplateArn()
Specifies a custom configuration template to use when issuing a certificate.
|
java.lang.Object |
getValidity()
The period of time during which the certificate will be valid.
|
java.lang.Object |
getValidityNotBefore()
Information describing the start of the validity period of the certificate.
|
void |
inspect(TreeInspector inspector)
Examines the CloudFormation resource and discloses attributes.
|
protected java.util.Map<java.lang.String,java.lang.Object> |
renderProperties(java.util.Map<java.lang.String,java.lang.Object> props) |
void |
setApiPassthrough(CfnCertificate.ApiPassthroughProperty value)
Specifies X.509 certificate information to be included in the issued certificate.
|
void |
setApiPassthrough(IResolvable value)
Specifies X.509 certificate information to be included in the issued certificate.
|
void |
setCertificateAuthorityArn(java.lang.String value)
The Amazon Resource Name (ARN) for the private CA issues the certificate.
|
void |
setCertificateSigningRequest(java.lang.String value)
The certificate signing request (CSR) for the certificate.
|
void |
setSigningAlgorithm(java.lang.String value)
The name of the algorithm that will be used to sign the certificate to be issued.
|
void |
setTemplateArn(java.lang.String value)
Specifies a custom configuration template to use when issuing a certificate.
|
void |
setValidity(CfnCertificate.ValidityProperty value)
The period of time during which the certificate will be valid.
|
void |
setValidity(IResolvable value)
The period of time during which the certificate will be valid.
|
void |
setValidityNotBefore(CfnCertificate.ValidityProperty value)
Information describing the start of the validity period of the certificate.
|
void |
setValidityNotBefore(IResolvable value)
Information describing the start of the validity period of the certificate.
|
addDeletionOverride, addDependsOn, addMetadata, addOverride, addPropertyDeletionOverride, addPropertyOverride, applyRemovalPolicy, applyRemovalPolicy, applyRemovalPolicy, getAtt, getCfnOptions, getCfnResourceType, getMetadata, getUpdatedProperites, isCfnResource, shouldSynthesize, toString, validatePropertiesgetRefgetCreationStack, getLogicalId, getStack, isCfnElement, overrideLogicalIdgetNode, isConstruct, onPrepare, onSynthesize, onValidate, prepare, synthesize, validatepublic static final java.lang.String CFN_RESOURCE_TYPE_NAME
protected CfnCertificate(software.amazon.jsii.JsiiObjectRef objRef)
protected CfnCertificate(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
public CfnCertificate(Construct scope, java.lang.String id, CfnCertificateProps props)
scope - - scope in which this resource is defined. This parameter is required.id - - scoped id of the resource. This parameter is required.props - - resource properties. This parameter is required.public void inspect(TreeInspector inspector)
inspect in interface IInspectableinspector - - tree inspector to collect and process attributes. This parameter is required.protected java.util.Map<java.lang.String,java.lang.Object> renderProperties(java.util.Map<java.lang.String,java.lang.Object> props)
renderProperties in class CfnResourceprops - This parameter is required.public java.lang.String getAttrArn()
public java.lang.String getAttrCertificate()
protected java.util.Map<java.lang.String,java.lang.Object> getCfnProperties()
getCfnProperties in class CfnResourcepublic java.lang.String getCertificateAuthorityArn()
public void setCertificateAuthorityArn(java.lang.String value)
public java.lang.String getCertificateSigningRequest()
public void setCertificateSigningRequest(java.lang.String value)
public java.lang.String getSigningAlgorithm()
This parameter should not be confused with the SigningAlgorithm parameter used to sign a CSR in the CreateCertificateAuthority action.
The specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key.
public void setSigningAlgorithm(java.lang.String value)
This parameter should not be confused with the SigningAlgorithm parameter used to sign a CSR in the CreateCertificateAuthority action.
The specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key.
public java.lang.Object getValidity()
public void setValidity(CfnCertificate.ValidityProperty value)
public void setValidity(IResolvable value)
public java.lang.Object getApiPassthrough()
public void setApiPassthrough(IResolvable value)
public void setApiPassthrough(CfnCertificate.ApiPassthroughProperty value)
public java.lang.String getTemplateArn()
If this parameter is not provided, ACM Private CA defaults to the EndEntityCertificate/V1 template. For more information about ACM Private CA templates, see Using Templates .
public void setTemplateArn(java.lang.String value)
If this parameter is not provided, ACM Private CA defaults to the EndEntityCertificate/V1 template. For more information about ACM Private CA templates, see Using Templates .
public java.lang.Object getValidityNotBefore()
This parameter sets the “Not Before" date for the certificate.
By default, when issuing a certificate, ACM Private CA sets the "Not Before" date to the issuance time minus 60 minutes. This compensates for clock inconsistencies across computer systems. The ValidityNotBefore parameter can be used to customize the “Not Before” value.
Unlike the Validity parameter, the ValidityNotBefore parameter is optional.
The ValidityNotBefore value is expressed as an explicit date and time, using the Validity type value ABSOLUTE .
public void setValidityNotBefore(CfnCertificate.ValidityProperty value)
This parameter sets the “Not Before" date for the certificate.
By default, when issuing a certificate, ACM Private CA sets the "Not Before" date to the issuance time minus 60 minutes. This compensates for clock inconsistencies across computer systems. The ValidityNotBefore parameter can be used to customize the “Not Before” value.
Unlike the Validity parameter, the ValidityNotBefore parameter is optional.
The ValidityNotBefore value is expressed as an explicit date and time, using the Validity type value ABSOLUTE .
public void setValidityNotBefore(IResolvable value)
This parameter sets the “Not Before" date for the certificate.
By default, when issuing a certificate, ACM Private CA sets the "Not Before" date to the issuance time minus 60 minutes. This compensates for clock inconsistencies across computer systems. The ValidityNotBefore parameter can be used to customize the “Not Before” value.
Unlike the Validity parameter, the ValidityNotBefore parameter is optional.
The ValidityNotBefore value is expressed as an explicit date and time, using the Validity type value ABSOLUTE .