public sealed class CertificateTemplate : IMessage<CertificateTemplate>, IEquatable<CertificateTemplate>, IDeepCloneable<CertificateTemplate>, IBufferMessage, IMessage
Reference documentation and code samples for the Certificate Authority v1 API class CertificateTemplate.
A [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate] refers to a managed template for certificate issuance.
Implements
IMessageCertificateTemplate, IEquatableCertificateTemplate, IDeepCloneableCertificateTemplate, IBufferMessage, IMessageNamespace
Google.Cloud.Security.PrivateCA.V1Assembly
Google.Cloud.Security.PrivateCA.V1.dll
Constructors
CertificateTemplate()
public CertificateTemplate()
CertificateTemplate(CertificateTemplate)
public CertificateTemplate(CertificateTemplate other)
Parameter | |
---|---|
Name | Description |
other | CertificateTemplate |
Properties
CertificateTemplateName
public CertificateTemplateName CertificateTemplateName { get; set; }
CertificateTemplateName-typed view over the Name resource name property.
Property Value | |
---|---|
Type | Description |
CertificateTemplateName |
CreateTime
public Timestamp CreateTime { get; set; }
Output only. The time at which this [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate] was created.
Property Value | |
---|---|
Type | Description |
Timestamp |
Description
public string Description { get; set; }
Optional. A human-readable description of scenarios this template is intended for.
Property Value | |
---|---|
Type | Description |
string |
IdentityConstraints
public CertificateIdentityConstraints IdentityConstraints { get; set; }
Optional. Describes constraints on identities that may be appear in [Certificates][google.cloud.security.privateca.v1.Certificate] issued using this template. If this is omitted, then this template will not add restrictions on a certificate's identity.
Property Value | |
---|---|
Type | Description |
CertificateIdentityConstraints |
Labels
public MapField<string, string> Labels { get; }
Optional. Labels with user-defined metadata.
Property Value | |
---|---|
Type | Description |
MapFieldstringstring |
MaximumLifetime
public Duration MaximumLifetime { get; set; }
Optional. The maximum lifetime allowed for issued [Certificates][google.cloud.security.privateca.v1.Certificate] that use this template. If the issuing [CaPool][google.cloud.security.privateca.v1.CaPool]'s [IssuancePolicy][google.cloud.security.privateca.v1.CaPool.IssuancePolicy] specifies a [maximum_lifetime][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.maximum_lifetime] the minimum of the two durations will be the maximum lifetime for issued [Certificates][google.cloud.security.privateca.v1.Certificate]. Note that if the issuing [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] expires before a [Certificate][google.cloud.security.privateca.v1.Certificate]'s requested maximum_lifetime, the effective lifetime will be explicitly truncated to match it.
Property Value | |
---|---|
Type | Description |
Duration |
Name
public string Name { get; set; }
Output only. The resource name for this
[CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate]
in the format projects/*/locations/*/certificateTemplates/*
.
Property Value | |
---|---|
Type | Description |
string |
PassthroughExtensions
public CertificateExtensionConstraints PassthroughExtensions { get; set; }
Optional. Describes the set of X.509 extensions that may appear in a [Certificate][google.cloud.security.privateca.v1.Certificate] issued using this [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate]. If a certificate request sets extensions that don't appear in the [passthrough_extensions][google.cloud.security.privateca.v1.CertificateTemplate.passthrough_extensions], those extensions will be dropped. If the issuing [CaPool][google.cloud.security.privateca.v1.CaPool]'s [IssuancePolicy][google.cloud.security.privateca.v1.CaPool.IssuancePolicy] defines [baseline_values][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.baseline_values] that don't appear here, the certificate issuance request will fail. If this is omitted, then this template will not add restrictions on a certificate's X.509 extensions. These constraints do not apply to X.509 extensions set in this [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate]'s [predefined_values][google.cloud.security.privateca.v1.CertificateTemplate.predefined_values].
Property Value | |
---|---|
Type | Description |
CertificateExtensionConstraints |
PredefinedValues
public X509Parameters PredefinedValues { get; set; }
Optional. A set of X.509 values that will be applied to all issued certificates that use this template. If the certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If the issuing [CaPool][google.cloud.security.privateca.v1.CaPool]'s [IssuancePolicy][google.cloud.security.privateca.v1.CaPool.IssuancePolicy] defines conflicting [baseline_values][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.baseline_values] for the same properties, the certificate issuance request will fail.
Property Value | |
---|---|
Type | Description |
X509Parameters |
UpdateTime
public Timestamp UpdateTime { get; set; }
Output only. The time at which this [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate] was updated.
Property Value | |
---|---|
Type | Description |
Timestamp |