Reference documentation and code samples for the Google Certificate Authority Service V1beta1 Client class CertificateAuthorityPolicy.
The issuing policy for a CertificateAuthority.
Certificates will not be successfully issued from this CertificateAuthority if they violate the policy.
Generated from protobuf message google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy
Methods
__construct
Constructor.
Parameters | |
---|---|
Name | Description |
data |
array
Optional. Data for populating the Message object. |
↳ allowed_config_list |
Google\Cloud\Security\PrivateCA\V1beta1\CertificateAuthority\CertificateAuthorityPolicy\AllowedConfigList
Optional. All Certificates issued by the CertificateAuthority must match at least one listed ReusableConfigWrapper in the list. |
↳ overwrite_config_values |
Google\Cloud\Security\PrivateCA\V1beta1\ReusableConfigWrapper
Optional. All Certificates issued by the CertificateAuthority will use the provided configuration values, overwriting any requested configuration values. |
↳ allowed_locations_and_organizations |
array<Google\Cloud\Security\PrivateCA\V1beta1\Subject>
Optional. If any Subject is specified here, then all Certificates issued by the CertificateAuthority must match at least one listed Subject. If a Subject has an empty field, any value will be allowed for that field. |
↳ allowed_common_names |
array
Optional. If any value is specified here, then all Certificates issued by the CertificateAuthority must match at least one listed value. If no value is specified, all values will be allowed for this fied. Glob patterns are also supported. |
↳ allowed_sans |
Google\Cloud\Security\PrivateCA\V1beta1\CertificateAuthority\CertificateAuthorityPolicy\AllowedSubjectAltNames
Optional. If a AllowedSubjectAltNames is specified here, then all Certificates issued by the CertificateAuthority must match AllowedSubjectAltNames. If no value or an empty value is specified, any value will be allowed for the SubjectAltNames field. |
↳ maximum_lifetime |
Google\Protobuf\Duration
Optional. The maximum lifetime allowed by the CertificateAuthority. Note that if the any part if the issuing chain expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated. |
↳ allowed_issuance_modes |
Google\Cloud\Security\PrivateCA\V1beta1\CertificateAuthority\CertificateAuthorityPolicy\IssuanceModes
Optional. If specified, then only methods allowed in the IssuanceModes may be used to issue Certificates. |
getAllowedConfigList
Optional. All Certificates issued by the CertificateAuthority must match at least one listed ReusableConfigWrapper in the list.
Returns | |
---|---|
Type | Description |
Google\Cloud\Security\PrivateCA\V1beta1\CertificateAuthority\CertificateAuthorityPolicy\AllowedConfigList|null |
hasAllowedConfigList
setAllowedConfigList
Optional. All Certificates issued by the CertificateAuthority must match at least one listed ReusableConfigWrapper in the list.
Parameter | |
---|---|
Name | Description |
var |
Google\Cloud\Security\PrivateCA\V1beta1\CertificateAuthority\CertificateAuthorityPolicy\AllowedConfigList
|
Returns | |
---|---|
Type | Description |
$this |
getOverwriteConfigValues
Optional. All Certificates issued by the CertificateAuthority will use the provided configuration values, overwriting any requested configuration values.
Returns | |
---|---|
Type | Description |
Google\Cloud\Security\PrivateCA\V1beta1\ReusableConfigWrapper|null |
hasOverwriteConfigValues
setOverwriteConfigValues
Optional. All Certificates issued by the CertificateAuthority will use the provided configuration values, overwriting any requested configuration values.
Parameter | |
---|---|
Name | Description |
var |
Google\Cloud\Security\PrivateCA\V1beta1\ReusableConfigWrapper
|
Returns | |
---|---|
Type | Description |
$this |
getAllowedLocationsAndOrganizations
Optional. If any Subject is specified here, then all Certificates issued by the CertificateAuthority must match at least one listed Subject. If a Subject has an empty field, any value will be allowed for that field.
Returns | |
---|---|
Type | Description |
Google\Protobuf\Internal\RepeatedField |
setAllowedLocationsAndOrganizations
Optional. If any Subject is specified here, then all Certificates issued by the CertificateAuthority must match at least one listed Subject. If a Subject has an empty field, any value will be allowed for that field.
Parameter | |
---|---|
Name | Description |
var |
array<Google\Cloud\Security\PrivateCA\V1beta1\Subject>
|
Returns | |
---|---|
Type | Description |
$this |
getAllowedCommonNames
Optional. If any value is specified here, then all Certificates issued by the CertificateAuthority must match at least one listed value. If no value is specified, all values will be allowed for this fied. Glob patterns are also supported.
Returns | |
---|---|
Type | Description |
Google\Protobuf\Internal\RepeatedField |
setAllowedCommonNames
Optional. If any value is specified here, then all Certificates issued by the CertificateAuthority must match at least one listed value. If no value is specified, all values will be allowed for this fied. Glob patterns are also supported.
Parameter | |
---|---|
Name | Description |
var |
string[]
|
Returns | |
---|---|
Type | Description |
$this |
getAllowedSans
Optional. If a AllowedSubjectAltNames is specified here, then all Certificates issued by the CertificateAuthority must match AllowedSubjectAltNames. If no value or an empty value is specified, any value will be allowed for the SubjectAltNames field.
Returns | |
---|---|
Type | Description |
Google\Cloud\Security\PrivateCA\V1beta1\CertificateAuthority\CertificateAuthorityPolicy\AllowedSubjectAltNames|null |
hasAllowedSans
clearAllowedSans
setAllowedSans
Optional. If a AllowedSubjectAltNames is specified here, then all Certificates issued by the CertificateAuthority must match AllowedSubjectAltNames. If no value or an empty value is specified, any value will be allowed for the SubjectAltNames field.
Parameter | |
---|---|
Name | Description |
var |
Google\Cloud\Security\PrivateCA\V1beta1\CertificateAuthority\CertificateAuthorityPolicy\AllowedSubjectAltNames
|
Returns | |
---|---|
Type | Description |
$this |
getMaximumLifetime
Optional. The maximum lifetime allowed by the CertificateAuthority. Note that if the any part if the issuing chain expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated.
Returns | |
---|---|
Type | Description |
Google\Protobuf\Duration|null |
hasMaximumLifetime
clearMaximumLifetime
setMaximumLifetime
Optional. The maximum lifetime allowed by the CertificateAuthority. Note that if the any part if the issuing chain expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated.
Parameter | |
---|---|
Name | Description |
var |
Google\Protobuf\Duration
|
Returns | |
---|---|
Type | Description |
$this |
getAllowedIssuanceModes
Optional. If specified, then only methods allowed in the IssuanceModes may be used to issue Certificates.
Returns | |
---|---|
Type | Description |
Google\Cloud\Security\PrivateCA\V1beta1\CertificateAuthority\CertificateAuthorityPolicy\IssuanceModes|null |
hasAllowedIssuanceModes
clearAllowedIssuanceModes
setAllowedIssuanceModes
Optional. If specified, then only methods allowed in the IssuanceModes may be used to issue Certificates.
Parameter | |
---|---|
Name | Description |
var |
Google\Cloud\Security\PrivateCA\V1beta1\CertificateAuthority\CertificateAuthorityPolicy\IssuanceModes
|
Returns | |
---|---|
Type | Description |
$this |
getConfigPolicy
Returns | |
---|---|
Type | Description |
string |