public sealed class CertificateAuthorityPolicy : IMessage<CertificateAuthority.Types.CertificateAuthorityPolicy>, IEquatable<CertificateAuthority.Types.CertificateAuthorityPolicy>, IDeepCloneable<CertificateAuthority.Types.CertificateAuthorityPolicy>, IBufferMessage, IMessage
Reference documentation and code samples for the Certificate Authority v1beta1 API class CertificateAuthority.Types.CertificateAuthorityPolicy.
The issuing policy for a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]. [Certificates][google.cloud.security.privateca.v1beta1.Certificate] will not be successfully issued from this [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] if they violate the policy.
Implements
IMessage<CertificateAuthority.Types.CertificateAuthorityPolicy>, IEquatable<CertificateAuthority.Types.CertificateAuthorityPolicy>, IDeepCloneable<CertificateAuthority.Types.CertificateAuthorityPolicy>, IBufferMessage, IMessageNamespace
Google.Cloud.Security.PrivateCA.V1Beta1Assembly
Google.Cloud.Security.PrivateCA.V1Beta1.dll
Constructors
CertificateAuthorityPolicy()
public CertificateAuthorityPolicy()
CertificateAuthorityPolicy(CertificateAuthority.Types.CertificateAuthorityPolicy)
public CertificateAuthorityPolicy(CertificateAuthority.Types.CertificateAuthorityPolicy other)
Parameter | |
---|---|
Name | Description |
other | CertificateAuthority.Types.CertificateAuthorityPolicy |
Properties
AllowedCommonNames
public RepeatedField<string> AllowedCommonNames { get; }
Optional. If any value is specified here, then all [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] must match at least one listed value. If no value is specified, all values will be allowed for this fied. Glob patterns are also supported.
Property Value | |
---|---|
Type | Description |
RepeatedField<String> |
AllowedConfigList
public CertificateAuthority.Types.CertificateAuthorityPolicy.Types.AllowedConfigList AllowedConfigList { get; set; }
Optional. All [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] must match at least one listed [ReusableConfigWrapper][google.cloud.security.privateca.v1beta1.ReusableConfigWrapper] in the list.
Property Value | |
---|---|
Type | Description |
CertificateAuthority.Types.CertificateAuthorityPolicy.Types.AllowedConfigList |
AllowedIssuanceModes
public CertificateAuthority.Types.CertificateAuthorityPolicy.Types.IssuanceModes AllowedIssuanceModes { get; set; }
Optional. If specified, then only methods allowed in the [IssuanceModes][google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy.IssuanceModes] may be used to issue [Certificates][google.cloud.security.privateca.v1beta1.Certificate].
Property Value | |
---|---|
Type | Description |
CertificateAuthority.Types.CertificateAuthorityPolicy.Types.IssuanceModes |
AllowedLocationsAndOrganizations
public RepeatedField<Subject> AllowedLocationsAndOrganizations { get; }
Optional. If any [Subject][google.cloud.security.privateca.v1beta1.Subject] is specified here, then all [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] must match at least one listed [Subject][google.cloud.security.privateca.v1beta1.Subject]. If a [Subject][google.cloud.security.privateca.v1beta1.Subject] has an empty field, any value will be allowed for that field.
Property Value | |
---|---|
Type | Description |
RepeatedField<Subject> |
AllowedSans
public CertificateAuthority.Types.CertificateAuthorityPolicy.Types.AllowedSubjectAltNames AllowedSans { get; set; }
Optional. If a [AllowedSubjectAltNames][google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy.AllowedSubjectAltNames] is specified here, then all [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] must match [AllowedSubjectAltNames][google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy.AllowedSubjectAltNames]. If no value or an empty value is specified, any value will be allowed for the [SubjectAltNames][google.cloud.security.privateca.v1beta1.SubjectAltNames] field.
Property Value | |
---|---|
Type | Description |
CertificateAuthority.Types.CertificateAuthorityPolicy.Types.AllowedSubjectAltNames |
ConfigPolicyCase
public CertificateAuthority.Types.CertificateAuthorityPolicy.ConfigPolicyOneofCase ConfigPolicyCase { get; }
Property Value | |
---|---|
Type | Description |
CertificateAuthority.Types.CertificateAuthorityPolicy.ConfigPolicyOneofCase |
MaximumLifetime
public Duration MaximumLifetime { get; set; }
Optional. The maximum lifetime allowed by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]. Note that if the any part if the issuing chain expires before a [Certificate][google.cloud.security.privateca.v1beta1.Certificate]'s requested maximum_lifetime, the effective lifetime will be explicitly truncated.
Property Value | |
---|---|
Type | Description |
Duration |
OverwriteConfigValues
public ReusableConfigWrapper OverwriteConfigValues { get; set; }
Optional. All [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] will use the provided configuration values, overwriting any requested configuration values.
Property Value | |
---|---|
Type | Description |
ReusableConfigWrapper |