public sealed class CertificateAuthorityPolicy : IMessage<CertificateAuthority.Types.CertificateAuthorityPolicy>, IEquatable<CertificateAuthority.Types.CertificateAuthorityPolicy>, IDeepCloneable<CertificateAuthority.Types.CertificateAuthorityPolicy>, IBufferMessage, IMessageReference documentation and code samples for the Certificate Authority v1beta1 API class CertificateAuthority.Types.CertificateAuthorityPolicy.
The issuing policy for a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]. [Certificates][google.cloud.security.privateca.v1beta1.Certificate] will not be successfully issued from this [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] if they violate the policy.
Implements
IMessage<CertificateAuthority.Types.CertificateAuthorityPolicy>, IEquatable<CertificateAuthority.Types.CertificateAuthorityPolicy>, IDeepCloneable<CertificateAuthority.Types.CertificateAuthorityPolicy>, IBufferMessage, IMessageNamespace
Google.Cloud.Security.PrivateCA.V1Beta1Assembly
Google.Cloud.Security.PrivateCA.V1Beta1.dll
Constructors
CertificateAuthorityPolicy()
public CertificateAuthorityPolicy()CertificateAuthorityPolicy(CertificateAuthority.Types.CertificateAuthorityPolicy)
public CertificateAuthorityPolicy(CertificateAuthority.Types.CertificateAuthorityPolicy other)| Parameter | |
|---|---|
| Name | Description |
other | CertificateAuthority.Types.CertificateAuthorityPolicy |
Properties
AllowedCommonNames
public RepeatedField<string> AllowedCommonNames { get; }Optional. If any value is specified here, then all [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] must match at least one listed value. If no value is specified, all values will be allowed for this fied. Glob patterns are also supported.
| Property Value | |
|---|---|
| Type | Description |
RepeatedField<String> | |
AllowedConfigList
public CertificateAuthority.Types.CertificateAuthorityPolicy.Types.AllowedConfigList AllowedConfigList { get; set; }Optional. All [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] must match at least one listed [ReusableConfigWrapper][google.cloud.security.privateca.v1beta1.ReusableConfigWrapper] in the list.
| Property Value | |
|---|---|
| Type | Description |
CertificateAuthority.Types.CertificateAuthorityPolicy.Types.AllowedConfigList | |
AllowedIssuanceModes
public CertificateAuthority.Types.CertificateAuthorityPolicy.Types.IssuanceModes AllowedIssuanceModes { get; set; }Optional. If specified, then only methods allowed in the [IssuanceModes][google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy.IssuanceModes] may be used to issue [Certificates][google.cloud.security.privateca.v1beta1.Certificate].
| Property Value | |
|---|---|
| Type | Description |
CertificateAuthority.Types.CertificateAuthorityPolicy.Types.IssuanceModes | |
AllowedLocationsAndOrganizations
public RepeatedField<Subject> AllowedLocationsAndOrganizations { get; }Optional. If any [Subject][google.cloud.security.privateca.v1beta1.Subject] is specified here, then all [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] must match at least one listed [Subject][google.cloud.security.privateca.v1beta1.Subject]. If a [Subject][google.cloud.security.privateca.v1beta1.Subject] has an empty field, any value will be allowed for that field.
| Property Value | |
|---|---|
| Type | Description |
RepeatedField<Subject> | |
AllowedSans
public CertificateAuthority.Types.CertificateAuthorityPolicy.Types.AllowedSubjectAltNames AllowedSans { get; set; }Optional. If a [AllowedSubjectAltNames][google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy.AllowedSubjectAltNames] is specified here, then all [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] must match [AllowedSubjectAltNames][google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy.AllowedSubjectAltNames]. If no value or an empty value is specified, any value will be allowed for the [SubjectAltNames][google.cloud.security.privateca.v1beta1.SubjectAltNames] field.
| Property Value | |
|---|---|
| Type | Description |
CertificateAuthority.Types.CertificateAuthorityPolicy.Types.AllowedSubjectAltNames | |
ConfigPolicyCase
public CertificateAuthority.Types.CertificateAuthorityPolicy.ConfigPolicyOneofCase ConfigPolicyCase { get; }| Property Value | |
|---|---|
| Type | Description |
CertificateAuthority.Types.CertificateAuthorityPolicy.ConfigPolicyOneofCase | |
MaximumLifetime
public Duration MaximumLifetime { get; set; }Optional. The maximum lifetime allowed by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]. Note that if the any part if the issuing chain expires before a [Certificate][google.cloud.security.privateca.v1beta1.Certificate]'s requested maximum_lifetime, the effective lifetime will be explicitly truncated.
| Property Value | |
|---|---|
| Type | Description |
Duration | |
OverwriteConfigValues
public ReusableConfigWrapper OverwriteConfigValues { get; set; }Optional. All [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] will use the provided configuration values, overwriting any requested configuration values.
| Property Value | |
|---|---|
| Type | Description |
ReusableConfigWrapper | |