Class: Aws::ACMPCA::Types::CertificateAuthorityConfiguration

Inherits:

Struct

• Object
• Struct
• Aws::ACMPCA::Types::CertificateAuthorityConfiguration

Defined in:

gems/aws-sdk-acmpca/lib/aws-sdk-acmpca/types.rb

Overview

Note:

When making an API call, you may pass CertificateAuthorityConfiguration data as a hash:

{
  key_algorithm: "RSA_2048", # required, accepts RSA_2048, RSA_4096, EC_prime256v1, EC_secp384r1
  signing_algorithm: "SHA256WITHECDSA", # required, accepts SHA256WITHECDSA, SHA384WITHECDSA, SHA512WITHECDSA, SHA256WITHRSA, SHA384WITHRSA, SHA512WITHRSA
  subject: { # required
    country: "CountryCodeString",
    organization: "String64",
    organizational_unit: "String64",
    distinguished_name_qualifier: "ASN1PrintableString64",
    state: "String128",
    common_name: "String64",
    serial_number: "ASN1PrintableString64",
    locality: "String128",
    title: "String64",
    surname: "String40",
    given_name: "String16",
    initials: "String5",
    pseudonym: "String128",
    generation_qualifier: "String3",
  },
  csr_extensions: {
    key_usage: {
      digital_signature: false,
      non_repudiation: false,
      key_encipherment: false,
      data_encipherment: false,
      key_agreement: false,
      key_cert_sign: false,
      crl_sign: false,
      encipher_only: false,
      decipher_only: false,
    },
    subject_information_access: [
      {
        access_method: { # required
          custom_object_identifier: "CustomObjectIdentifier",
          access_method_type: "CA_REPOSITORY", # accepts CA_REPOSITORY, RESOURCE_PKI_MANIFEST, RESOURCE_PKI_NOTIFY
        },
        access_location: { # required
          other_name: {
            type_id: "CustomObjectIdentifier", # required
            value: "String256", # required
          },
          rfc_822_name: "String256",
          dns_name: "String253",
          directory_name: {
            country: "CountryCodeString",
            organization: "String64",
            organizational_unit: "String64",
            distinguished_name_qualifier: "ASN1PrintableString64",
            state: "String128",
            common_name: "String64",
            serial_number: "ASN1PrintableString64",
            locality: "String128",
            title: "String64",
            surname: "String40",
            given_name: "String16",
            initials: "String5",
            pseudonym: "String128",
            generation_qualifier: "String3",
          },
          edi_party_name: {
            party_name: "String256", # required
            name_assigner: "String256",
          },
          uniform_resource_identifier: "String253",
          ip_address: "String39",
          registered_id: "CustomObjectIdentifier",
        },
      },
    ],
  },
}

Contains configuration information for your private certificate authority (CA). This includes information about the class of public key algorithm and the key pair that your private CA creates when it issues a certificate. It also includes the signature algorithm that it uses when issuing certificates, and its X.500 distinguished name. You must specify this information when you call the CreateCertificateAuthority action.

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #csr_extensions ⇒ Types::CsrExtensions

  Specifies information to be added to the extension section of the certificate signing request (CSR).

• #key_algorithm ⇒ String

  Type of the public key algorithm and size, in bits, of the key pair that your CA creates when it issues a certificate.

• #signing_algorithm ⇒ String

  Name of the algorithm your private CA uses to sign certificate requests.

• #subject ⇒ Types::ASN1Subject

  Structure that contains X.500 distinguished name information for your private CA.

Instance Attribute Details

#csr_extensions ⇒ Types::CsrExtensions

Specifies information to be added to the extension section of the certificate signing request (CSR).

Returns:

• (Types::CsrExtensions)

# File 'gems/aws-sdk-acmpca/lib/aws-sdk-acmpca/types.rb', line 566

class CertificateAuthorityConfiguration < Struct.new(
  :key_algorithm,
  :signing_algorithm,
  :subject,
  :csr_extensions)
  SENSITIVE = []
  include Aws::Structure
end

#key_algorithm ⇒ String

Type of the public key algorithm and size, in bits, of the key pair that your CA creates when it issues a certificate. When you create a subordinate CA, you must use a key algorithm supported by the parent CA.

Returns:

• (String)

# File 'gems/aws-sdk-acmpca/lib/aws-sdk-acmpca/types.rb', line 566

class CertificateAuthorityConfiguration < Struct.new(
  :key_algorithm,
  :signing_algorithm,
  :subject,
  :csr_extensions)
  SENSITIVE = []
  include Aws::Structure
end

#signing_algorithm ⇒ String

Name of the algorithm your private CA uses to sign certificate requests.

This parameter should not be confused with the SigningAlgorithm parameter used to sign certificates when they are issued.

Returns:

• (String)

# File 'gems/aws-sdk-acmpca/lib/aws-sdk-acmpca/types.rb', line 566

class CertificateAuthorityConfiguration < Struct.new(
  :key_algorithm,
  :signing_algorithm,
  :subject,
  :csr_extensions)
  SENSITIVE = []
  include Aws::Structure
end

#subject ⇒ Types::ASN1Subject

Structure that contains X.500 distinguished name information for your private CA.

Returns:

• (Types::ASN1Subject)

# File 'gems/aws-sdk-acmpca/lib/aws-sdk-acmpca/types.rb', line 566

class CertificateAuthorityConfiguration < Struct.new(
  :key_algorithm,
  :signing_algorithm,
  :subject,
  :csr_extensions)
  SENSITIVE = []
  include Aws::Structure
end