@Generated(value="jsii-pacmak/1.67.0 (build 2c027f5)", date="2022-09-19T20:26:35.969Z") @Stability(value=Stable) public class CfnCertificate extends CfnResource implements IInspectable
The AWS::ACMPCA::Certificate resource is used to issue a certificate using your private certificate authority. For more information, see the IssueCertificate action.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import software.amazon.awscdk.services.acmpca.*;
CfnCertificate cfnCertificate = CfnCertificate.Builder.create(this, "MyCfnCertificate")
.certificateAuthorityArn("certificateAuthorityArn")
.certificateSigningRequest("certificateSigningRequest")
.signingAlgorithm("signingAlgorithm")
.validity(ValidityProperty.builder()
.type("type")
.value(123)
.build())
// the properties below are optional
.apiPassthrough(ApiPassthroughProperty.builder()
.extensions(ExtensionsProperty.builder()
.certificatePolicies(List.of(PolicyInformationProperty.builder()
.certPolicyId("certPolicyId")
// the properties below are optional
.policyQualifiers(List.of(PolicyQualifierInfoProperty.builder()
.policyQualifierId("policyQualifierId")
.qualifier(QualifierProperty.builder()
.cpsUri("cpsUri")
.build())
.build()))
.build()))
.customExtensions(List.of(CustomExtensionProperty.builder()
.objectIdentifier("objectIdentifier")
.value("value")
// the properties below are optional
.critical(false)
.build()))
.extendedKeyUsage(List.of(ExtendedKeyUsageProperty.builder()
.extendedKeyUsageObjectIdentifier("extendedKeyUsageObjectIdentifier")
.extendedKeyUsageType("extendedKeyUsageType")
.build()))
.keyUsage(KeyUsageProperty.builder()
.crlSign(false)
.dataEncipherment(false)
.decipherOnly(false)
.digitalSignature(false)
.encipherOnly(false)
.keyAgreement(false)
.keyCertSign(false)
.keyEncipherment(false)
.nonRepudiation(false)
.build())
.subjectAlternativeNames(List.of(GeneralNameProperty.builder()
.directoryName(SubjectProperty.builder()
.commonName("commonName")
.country("country")
.customAttributes(List.of(CustomAttributeProperty.builder()
.objectIdentifier("objectIdentifier")
.value("value")
.build()))
.distinguishedNameQualifier("distinguishedNameQualifier")
.generationQualifier("generationQualifier")
.givenName("givenName")
.initials("initials")
.locality("locality")
.organization("organization")
.organizationalUnit("organizationalUnit")
.pseudonym("pseudonym")
.serialNumber("serialNumber")
.state("state")
.surname("surname")
.title("title")
.build())
.dnsName("dnsName")
.ediPartyName(EdiPartyNameProperty.builder()
.nameAssigner("nameAssigner")
.partyName("partyName")
.build())
.ipAddress("ipAddress")
.otherName(OtherNameProperty.builder()
.typeId("typeId")
.value("value")
.build())
.registeredId("registeredId")
.rfc822Name("rfc822Name")
.uniformResourceIdentifier("uniformResourceIdentifier")
.build()))
.build())
.subject(SubjectProperty.builder()
.commonName("commonName")
.country("country")
.customAttributes(List.of(CustomAttributeProperty.builder()
.objectIdentifier("objectIdentifier")
.value("value")
.build()))
.distinguishedNameQualifier("distinguishedNameQualifier")
.generationQualifier("generationQualifier")
.givenName("givenName")
.initials("initials")
.locality("locality")
.organization("organization")
.organizationalUnit("organizationalUnit")
.pseudonym("pseudonym")
.serialNumber("serialNumber")
.state("state")
.surname("surname")
.title("title")
.build())
.build())
.templateArn("templateArn")
.validityNotBefore(ValidityProperty.builder()
.type("type")
.value(123)
.build())
.build();
| Modifier and Type | Class and Description |
|---|---|
static interface |
CfnCertificate.ApiPassthroughProperty
Contains X.509 certificate information to be placed in an issued certificate.
|
static class |
CfnCertificate.Builder
A fluent builder for
CfnCertificate. |
static interface |
CfnCertificate.CustomAttributeProperty
Defines the X.500 relative distinguished name (RDN).
|
static interface |
CfnCertificate.CustomExtensionProperty
Specifies the X.509 extension information for a certificate.
|
static interface |
CfnCertificate.EdiPartyNameProperty
Describes an Electronic Data Interchange (EDI) entity as described in as defined in [Subject Alternative Name](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc5280) in RFC 5280.
|
static interface |
CfnCertificate.ExtendedKeyUsageProperty
Specifies additional purposes for which the certified public key may be used other than basic purposes indicated in the `KeyUsage` extension.
|
static interface |
CfnCertificate.ExtensionsProperty
Contains X.509 extension information for a certificate.
|
static interface |
CfnCertificate.GeneralNameProperty
Describes an ASN.1 X.400 `GeneralName` as defined in [RFC 5280](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc5280) .
|
static interface |
CfnCertificate.KeyUsageProperty
Defines one or more purposes for which the key contained in the certificate can be used.
|
static interface |
CfnCertificate.OtherNameProperty
Defines a custom ASN.1 X.400 `GeneralName` using an object identifier (OID) and value.
|
static interface |
CfnCertificate.PolicyInformationProperty
Defines the X.509 `CertificatePolicies` extension.
|
static interface |
CfnCertificate.PolicyQualifierInfoProperty
Modifies the `CertPolicyId` of a `PolicyInformation` object with a qualifier.
|
static interface |
CfnCertificate.QualifierProperty
Defines a `PolicyInformation` qualifier.
|
static interface |
CfnCertificate.SubjectProperty
Contains information about the certificate subject.
|
static interface |
CfnCertificate.ValidityProperty
Length of time for which the certificate issued by your private certificate authority (CA), or by the private CA itself, is valid in days, months, or years.
|
software.amazon.jsii.JsiiObject.InitializationModeIInspectable.Jsii$Default, IInspectable.Jsii$Proxy| Modifier and Type | Field and Description |
|---|---|
static String |
CFN_RESOURCE_TYPE_NAME
The CloudFormation resource type name for this resource class.
|
| Modifier | Constructor and Description |
|---|---|
|
CfnCertificate(software.constructs.Construct scope,
String id,
CfnCertificateProps props)
Create a new `AWS::ACMPCA::Certificate`.
|
protected |
CfnCertificate(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) |
protected |
CfnCertificate(software.amazon.jsii.JsiiObjectRef objRef) |
| Modifier and Type | Method and Description |
|---|---|
Object |
getApiPassthrough()
Specifies X.509 certificate information to be included in the issued certificate.
|
String |
getAttrArn()
The Amazon Resource Name (ARN) of the issued certificate.
|
String |
getAttrCertificate()
The issued Base64 PEM-encoded certificate.
|
String |
getCertificateAuthorityArn()
The Amazon Resource Name (ARN) for the private CA issues the certificate.
|
String |
getCertificateSigningRequest()
The certificate signing request (CSR) for the certificate.
|
protected Map<String,Object> |
getCfnProperties() |
String |
getSigningAlgorithm()
The name of the algorithm that will be used to sign the certificate to be issued.
|
String |
getTemplateArn()
Specifies a custom configuration template to use when issuing a certificate.
|
Object |
getValidity()
The period of time during which the certificate will be valid.
|
Object |
getValidityNotBefore()
Information describing the start of the validity period of the certificate.
|
void |
inspect(TreeInspector inspector)
Examines the CloudFormation resource and discloses attributes.
|
protected Map<String,Object> |
renderProperties(Map<String,Object> props) |
void |
setApiPassthrough(CfnCertificate.ApiPassthroughProperty value)
Specifies X.509 certificate information to be included in the issued certificate.
|
void |
setApiPassthrough(IResolvable value)
Specifies X.509 certificate information to be included in the issued certificate.
|
void |
setCertificateAuthorityArn(String value)
The Amazon Resource Name (ARN) for the private CA issues the certificate.
|
void |
setCertificateSigningRequest(String value)
The certificate signing request (CSR) for the certificate.
|
void |
setSigningAlgorithm(String value)
The name of the algorithm that will be used to sign the certificate to be issued.
|
void |
setTemplateArn(String value)
Specifies a custom configuration template to use when issuing a certificate.
|
void |
setValidity(CfnCertificate.ValidityProperty value)
The period of time during which the certificate will be valid.
|
void |
setValidity(IResolvable value)
The period of time during which the certificate will be valid.
|
void |
setValidityNotBefore(CfnCertificate.ValidityProperty value)
Information describing the start of the validity period of the certificate.
|
void |
setValidityNotBefore(IResolvable value)
Information describing the start of the validity period of the certificate.
|
addDeletionOverride, addDependsOn, addMetadata, addOverride, addPropertyDeletionOverride, addPropertyOverride, applyRemovalPolicy, applyRemovalPolicy, applyRemovalPolicy, getAtt, getCfnOptions, getCfnResourceType, getMetadata, getUpdatedProperites, getUpdatedProperties, isCfnResource, shouldSynthesize, toString, validatePropertiesgetRefgetCreationStack, getLogicalId, getStack, isCfnElement, overrideLogicalIdjsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet@Stability(value=Stable) public static final String CFN_RESOURCE_TYPE_NAME
protected CfnCertificate(software.amazon.jsii.JsiiObjectRef objRef)
protected CfnCertificate(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
@Stability(value=Stable)
public CfnCertificate(@NotNull
software.constructs.Construct scope,
@NotNull
String id,
@NotNull
CfnCertificateProps props)
scope - - scope in which this resource is defined. This parameter is required.id - - scoped id of the resource. This parameter is required.props - - resource properties. This parameter is required.@Stability(value=Stable)
public void inspect(@NotNull
TreeInspector inspector)
inspect in interface IInspectableinspector - - tree inspector to collect and process attributes. This parameter is required.@Stability(value=Stable) @NotNull protected Map<String,Object> renderProperties(@NotNull Map<String,Object> props)
renderProperties in class CfnResourceprops - This parameter is required.@Stability(value=Stable) @NotNull public String getAttrArn()
@Stability(value=Stable) @NotNull public String getAttrCertificate()
@Stability(value=Stable) @NotNull protected Map<String,Object> getCfnProperties()
getCfnProperties in class CfnResource@Stability(value=Stable) @NotNull public String getCertificateAuthorityArn()
@Stability(value=Stable)
public void setCertificateAuthorityArn(@NotNull
String value)
@Stability(value=Stable) @NotNull public String getCertificateSigningRequest()
@Stability(value=Stable)
public void setCertificateSigningRequest(@NotNull
String value)
@Stability(value=Stable) @NotNull public String getSigningAlgorithm()
This parameter should not be confused with the SigningAlgorithm parameter used to sign a CSR in the CreateCertificateAuthority action.
The specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key.
@Stability(value=Stable)
public void setSigningAlgorithm(@NotNull
String value)
This parameter should not be confused with the SigningAlgorithm parameter used to sign a CSR in the CreateCertificateAuthority action.
The specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key.
@Stability(value=Stable) @NotNull public Object getValidity()
@Stability(value=Stable)
public void setValidity(@NotNull
CfnCertificate.ValidityProperty value)
@Stability(value=Stable)
public void setValidity(@NotNull
IResolvable value)
@Stability(value=Stable) @Nullable public Object getApiPassthrough()
@Stability(value=Stable)
public void setApiPassthrough(@Nullable
CfnCertificate.ApiPassthroughProperty value)
@Stability(value=Stable)
public void setApiPassthrough(@Nullable
IResolvable value)
@Stability(value=Stable) @Nullable public String getTemplateArn()
If this parameter is not provided, ACM Private CA defaults to the EndEntityCertificate/V1 template. For more information about ACM Private CA templates, see Using Templates .
@Stability(value=Stable)
public void setTemplateArn(@Nullable
String value)
If this parameter is not provided, ACM Private CA defaults to the EndEntityCertificate/V1 template. For more information about ACM Private CA templates, see Using Templates .
@Stability(value=Stable) @Nullable public Object getValidityNotBefore()
This parameter sets the “Not Before" date for the certificate.
By default, when issuing a certificate, ACM Private CA sets the "Not Before" date to the issuance time minus 60 minutes. This compensates for clock inconsistencies across computer systems. The ValidityNotBefore parameter can be used to customize the “Not Before” value.
Unlike the Validity parameter, the ValidityNotBefore parameter is optional.
The ValidityNotBefore value is expressed as an explicit date and time, using the Validity type value ABSOLUTE .
@Stability(value=Stable)
public void setValidityNotBefore(@Nullable
CfnCertificate.ValidityProperty value)
This parameter sets the “Not Before" date for the certificate.
By default, when issuing a certificate, ACM Private CA sets the "Not Before" date to the issuance time minus 60 minutes. This compensates for clock inconsistencies across computer systems. The ValidityNotBefore parameter can be used to customize the “Not Before” value.
Unlike the Validity parameter, the ValidityNotBefore parameter is optional.
The ValidityNotBefore value is expressed as an explicit date and time, using the Validity type value ABSOLUTE .
@Stability(value=Stable)
public void setValidityNotBefore(@Nullable
IResolvable value)
This parameter sets the “Not Before" date for the certificate.
By default, when issuing a certificate, ACM Private CA sets the "Not Before" date to the issuance time minus 60 minutes. This compensates for clock inconsistencies across computer systems. The ValidityNotBefore parameter can be used to customize the “Not Before” value.
Unlike the Validity parameter, the ValidityNotBefore parameter is optional.
The ValidityNotBefore value is expressed as an explicit date and time, using the Validity type value ABSOLUTE .
Copyright © 2022. All rights reserved.