Interface IPrivateCertificateProps

Properties for your private certificate.

Namespace: Amazon.CDK.AWS.CertificateManager

Assembly: Amazon.CDK.Lib.dll

Syntax (csharp)

public interface IPrivateCertificateProps

Syntax (vb)

Public Interface IPrivateCertificateProps

Remarks

ExampleMetadata: infused

Examples

using Amazon.CDK.AWS.ACMPCA;


            new PrivateCertificate(this, "PrivateCertificate", new PrivateCertificateProps {
                DomainName = "test.example.com",
                SubjectAlternativeNames = new [] { "cool.example.com", "test.example.net" },  // optional
                CertificateAuthority = CertificateAuthority.FromCertificateAuthorityArn(this, "CA", "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/023077d8-2bfa-4eb0-8f22-05c96deade77"),
                KeyAlgorithm = KeyAlgorithm.RSA_2048
            });

Synopsis

Properties

AllowExport	Enable or disable export of this certificate.
CertificateAuthority	Private certificate authority (CA) that will be used to issue the certificate.
DomainName	Fully-qualified domain name to request a private certificate for.
KeyAlgorithm	Specifies the algorithm of the public and private key pair that your certificate uses to encrypt data.
SubjectAlternativeNames	Alternative domain names on your private certificate.

Properties

AllowExport

Enable or disable export of this certificate.

bool? AllowExport { get; }

Property Value

bool?

Remarks

If you issue an exportable public certificate, there is a charge at certificate issuance and again when the certificate renews. Ref: https://aws.amazon.com/certificate-manager/pricing

Default: false

CertificateAuthority

Private certificate authority (CA) that will be used to issue the certificate.

ICertificateAuthorityRef CertificateAuthority { get; }

Property Value

ICertificateAuthorityRef

Remarks

ExampleMetadata: infused

DomainName

Fully-qualified domain name to request a private certificate for.

string DomainName { get; }

Property Value

string

Remarks

May contain wildcards, such as *.domain.com.

KeyAlgorithm

Specifies the algorithm of the public and private key pair that your certificate uses to encrypt data.

KeyAlgorithm? KeyAlgorithm { get; }

Property Value

KeyAlgorithm

Remarks

When you request a private PKI certificate signed by a CA from AWS Private CA, the specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key.

Default: KeyAlgorithm.RSA_2048

See: https://docs.aws.amazon.com/acm/latest/userguide/acm-certificate.html#algorithms.title

SubjectAlternativeNames

Alternative domain names on your private certificate.

string[]? SubjectAlternativeNames { get; }

Property Value

string[]

Remarks

Use this to register alternative domain names that represent the same site.

Default: - No additional FQDNs will be included as alternative domain names.