Interface CaPool.IssuancePolicyOrBuilder (2.53.0)

public static interface CaPool.IssuancePolicyOrBuilder extends MessageOrBuilder

Implements

MessageOrBuilder

Methods

getAllowedIssuanceModes()

public abstract CaPool.IssuancePolicy.IssuanceModes getAllowedIssuanceModes()

Optional. If specified, then only methods allowed in the IssuanceModes may be used to issue Certificates.

.google.cloud.security.privateca.v1.CaPool.IssuancePolicy.IssuanceModes allowed_issuance_modes = 3 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
CaPool.IssuancePolicy.IssuanceModes

The allowedIssuanceModes.

getAllowedIssuanceModesOrBuilder()

public abstract CaPool.IssuancePolicy.IssuanceModesOrBuilder getAllowedIssuanceModesOrBuilder()

Optional. If specified, then only methods allowed in the IssuanceModes may be used to issue Certificates.

.google.cloud.security.privateca.v1.CaPool.IssuancePolicy.IssuanceModes allowed_issuance_modes = 3 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
CaPool.IssuancePolicy.IssuanceModesOrBuilder

getAllowedKeyTypes(int index)

public abstract CaPool.IssuancePolicy.AllowedKeyType getAllowedKeyTypes(int index)

Optional. If any AllowedKeyType is specified, then the certificate request's public key must match one of the key types listed here. Otherwise, any key may be used.

repeated .google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType allowed_key_types = 1 [(.google.api.field_behavior) = OPTIONAL];

Parameter
Name Description
index int
Returns
Type Description
CaPool.IssuancePolicy.AllowedKeyType

getAllowedKeyTypesCount()

public abstract int getAllowedKeyTypesCount()

Optional. If any AllowedKeyType is specified, then the certificate request's public key must match one of the key types listed here. Otherwise, any key may be used.

repeated .google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType allowed_key_types = 1 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
int

getAllowedKeyTypesList()

public abstract List<CaPool.IssuancePolicy.AllowedKeyType> getAllowedKeyTypesList()

Optional. If any AllowedKeyType is specified, then the certificate request's public key must match one of the key types listed here. Otherwise, any key may be used.

repeated .google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType allowed_key_types = 1 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
List<AllowedKeyType>

getAllowedKeyTypesOrBuilder(int index)

public abstract CaPool.IssuancePolicy.AllowedKeyTypeOrBuilder getAllowedKeyTypesOrBuilder(int index)

Optional. If any AllowedKeyType is specified, then the certificate request's public key must match one of the key types listed here. Otherwise, any key may be used.

repeated .google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType allowed_key_types = 1 [(.google.api.field_behavior) = OPTIONAL];

Parameter
Name Description
index int
Returns
Type Description
CaPool.IssuancePolicy.AllowedKeyTypeOrBuilder

getAllowedKeyTypesOrBuilderList()

public abstract List<? extends CaPool.IssuancePolicy.AllowedKeyTypeOrBuilder> getAllowedKeyTypesOrBuilderList()

Optional. If any AllowedKeyType is specified, then the certificate request's public key must match one of the key types listed here. Otherwise, any key may be used.

repeated .google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType allowed_key_types = 1 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
List<? extends com.google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyTypeOrBuilder>

getBaselineValues()

public abstract X509Parameters getBaselineValues()

Optional. A set of X.509 values that will be applied to all certificates issued through this CaPool. If a certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If a certificate request uses a CertificateTemplate that defines conflicting predefined_values for the same properties, the certificate issuance request will fail.

.google.cloud.security.privateca.v1.X509Parameters baseline_values = 4 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
X509Parameters

The baselineValues.

getBaselineValuesOrBuilder()

public abstract X509ParametersOrBuilder getBaselineValuesOrBuilder()

Optional. A set of X.509 values that will be applied to all certificates issued through this CaPool. If a certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If a certificate request uses a CertificateTemplate that defines conflicting predefined_values for the same properties, the certificate issuance request will fail.

.google.cloud.security.privateca.v1.X509Parameters baseline_values = 4 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
X509ParametersOrBuilder

getIdentityConstraints()

public abstract CertificateIdentityConstraints getIdentityConstraints()

Optional. Describes constraints on identities that may appear in Certificates issued through this CaPool. If this is omitted, then this CaPool will not add restrictions on a certificate's identity.

.google.cloud.security.privateca.v1.CertificateIdentityConstraints identity_constraints = 5 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
CertificateIdentityConstraints

The identityConstraints.

getIdentityConstraintsOrBuilder()

public abstract CertificateIdentityConstraintsOrBuilder getIdentityConstraintsOrBuilder()

Optional. Describes constraints on identities that may appear in Certificates issued through this CaPool. If this is omitted, then this CaPool will not add restrictions on a certificate's identity.

.google.cloud.security.privateca.v1.CertificateIdentityConstraints identity_constraints = 5 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
CertificateIdentityConstraintsOrBuilder

getMaximumLifetime()

public abstract Duration getMaximumLifetime()

Optional. The maximum lifetime allowed for issued Certificates. Note that if the issuing CertificateAuthority expires before a Certificate resource's requested maximum_lifetime, the effective lifetime will be explicitly truncated to match it.

.google.protobuf.Duration maximum_lifetime = 2 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
Duration

The maximumLifetime.

getMaximumLifetimeOrBuilder()

public abstract DurationOrBuilder getMaximumLifetimeOrBuilder()

Optional. The maximum lifetime allowed for issued Certificates. Note that if the issuing CertificateAuthority expires before a Certificate resource's requested maximum_lifetime, the effective lifetime will be explicitly truncated to match it.

.google.protobuf.Duration maximum_lifetime = 2 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
DurationOrBuilder

getPassthroughExtensions()

public abstract CertificateExtensionConstraints getPassthroughExtensions()

Optional. Describes the set of X.509 extensions that may appear in a Certificate issued through this CaPool. If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be dropped. If a certificate request uses a CertificateTemplate with predefined_values that don't appear here, the certificate issuance request will fail. If this is omitted, then this CaPool will not add restrictions on a certificate's X.509 extensions. These constraints do not apply to X.509 extensions set in this CaPool's baseline_values.

.google.cloud.security.privateca.v1.CertificateExtensionConstraints passthrough_extensions = 6 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
CertificateExtensionConstraints

The passthroughExtensions.

getPassthroughExtensionsOrBuilder()

public abstract CertificateExtensionConstraintsOrBuilder getPassthroughExtensionsOrBuilder()

Optional. Describes the set of X.509 extensions that may appear in a Certificate issued through this CaPool. If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be dropped. If a certificate request uses a CertificateTemplate with predefined_values that don't appear here, the certificate issuance request will fail. If this is omitted, then this CaPool will not add restrictions on a certificate's X.509 extensions. These constraints do not apply to X.509 extensions set in this CaPool's baseline_values.

.google.cloud.security.privateca.v1.CertificateExtensionConstraints passthrough_extensions = 6 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
CertificateExtensionConstraintsOrBuilder

hasAllowedIssuanceModes()

public abstract boolean hasAllowedIssuanceModes()

Optional. If specified, then only methods allowed in the IssuanceModes may be used to issue Certificates.

.google.cloud.security.privateca.v1.CaPool.IssuancePolicy.IssuanceModes allowed_issuance_modes = 3 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
boolean

Whether the allowedIssuanceModes field is set.

hasBaselineValues()

public abstract boolean hasBaselineValues()

Optional. A set of X.509 values that will be applied to all certificates issued through this CaPool. If a certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If a certificate request uses a CertificateTemplate that defines conflicting predefined_values for the same properties, the certificate issuance request will fail.

.google.cloud.security.privateca.v1.X509Parameters baseline_values = 4 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
boolean

Whether the baselineValues field is set.

hasIdentityConstraints()

public abstract boolean hasIdentityConstraints()

Optional. Describes constraints on identities that may appear in Certificates issued through this CaPool. If this is omitted, then this CaPool will not add restrictions on a certificate's identity.

.google.cloud.security.privateca.v1.CertificateIdentityConstraints identity_constraints = 5 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
boolean

Whether the identityConstraints field is set.

hasMaximumLifetime()

public abstract boolean hasMaximumLifetime()

Optional. The maximum lifetime allowed for issued Certificates. Note that if the issuing CertificateAuthority expires before a Certificate resource's requested maximum_lifetime, the effective lifetime will be explicitly truncated to match it.

.google.protobuf.Duration maximum_lifetime = 2 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
boolean

Whether the maximumLifetime field is set.

hasPassthroughExtensions()

public abstract boolean hasPassthroughExtensions()

Optional. Describes the set of X.509 extensions that may appear in a Certificate issued through this CaPool. If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be dropped. If a certificate request uses a CertificateTemplate with predefined_values that don't appear here, the certificate issuance request will fail. If this is omitted, then this CaPool will not add restrictions on a certificate's X.509 extensions. These constraints do not apply to X.509 extensions set in this CaPool's baseline_values.

.google.cloud.security.privateca.v1.CertificateExtensionConstraints passthrough_extensions = 6 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
boolean

Whether the passthroughExtensions field is set.