Google Certificate Authority Service V1beta1 Client - Class CertificateAuthorityPolicy (1.2.2)

Reference documentation and code samples for the Google Certificate Authority Service V1beta1 Client class CertificateAuthorityPolicy.

The issuing policy for a CertificateAuthority.

Certificates will not be successfully issued from this CertificateAuthority if they violate the policy.

Generated from protobuf message google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy

Methods

__construct

Constructor.

Parameters
NameDescription
data array

Optional. Data for populating the Message object.

↳ allowed_config_list Google\Cloud\Security\PrivateCA\V1beta1\CertificateAuthority\CertificateAuthorityPolicy\AllowedConfigList

Optional. All Certificates issued by the CertificateAuthority must match at least one listed ReusableConfigWrapper in the list.

↳ overwrite_config_values Google\Cloud\Security\PrivateCA\V1beta1\ReusableConfigWrapper

Optional. All Certificates issued by the CertificateAuthority will use the provided configuration values, overwriting any requested configuration values.

↳ allowed_locations_and_organizations array<Google\Cloud\Security\PrivateCA\V1beta1\Subject>

Optional. If any Subject is specified here, then all Certificates issued by the CertificateAuthority must match at least one listed Subject. If a Subject has an empty field, any value will be allowed for that field.

↳ allowed_common_names array

Optional. If any value is specified here, then all Certificates issued by the CertificateAuthority must match at least one listed value. If no value is specified, all values will be allowed for this fied. Glob patterns are also supported.

↳ allowed_sans Google\Cloud\Security\PrivateCA\V1beta1\CertificateAuthority\CertificateAuthorityPolicy\AllowedSubjectAltNames

Optional. If a AllowedSubjectAltNames is specified here, then all Certificates issued by the CertificateAuthority must match AllowedSubjectAltNames. If no value or an empty value is specified, any value will be allowed for the SubjectAltNames field.

↳ maximum_lifetime Google\Protobuf\Duration

Optional. The maximum lifetime allowed by the CertificateAuthority. Note that if the any part if the issuing chain expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated.

↳ allowed_issuance_modes Google\Cloud\Security\PrivateCA\V1beta1\CertificateAuthority\CertificateAuthorityPolicy\IssuanceModes

Optional. If specified, then only methods allowed in the IssuanceModes may be used to issue Certificates.

getAllowedConfigList

Optional. All Certificates issued by the CertificateAuthority must match at least one listed ReusableConfigWrapper in the list.

Returns
TypeDescription
Google\Cloud\Security\PrivateCA\V1beta1\CertificateAuthority\CertificateAuthorityPolicy\AllowedConfigList|null

hasAllowedConfigList

setAllowedConfigList

Optional. All Certificates issued by the CertificateAuthority must match at least one listed ReusableConfigWrapper in the list.

Parameter
NameDescription
var Google\Cloud\Security\PrivateCA\V1beta1\CertificateAuthority\CertificateAuthorityPolicy\AllowedConfigList
Returns
TypeDescription
$this

getOverwriteConfigValues

Optional. All Certificates issued by the CertificateAuthority will use the provided configuration values, overwriting any requested configuration values.

Returns
TypeDescription
Google\Cloud\Security\PrivateCA\V1beta1\ReusableConfigWrapper|null

hasOverwriteConfigValues

setOverwriteConfigValues

Optional. All Certificates issued by the CertificateAuthority will use the provided configuration values, overwriting any requested configuration values.

Parameter
NameDescription
var Google\Cloud\Security\PrivateCA\V1beta1\ReusableConfigWrapper
Returns
TypeDescription
$this

getAllowedLocationsAndOrganizations

Optional. If any Subject is specified here, then all Certificates issued by the CertificateAuthority must match at least one listed Subject. If a Subject has an empty field, any value will be allowed for that field.

Returns
TypeDescription
Google\Protobuf\Internal\RepeatedField

setAllowedLocationsAndOrganizations

Optional. If any Subject is specified here, then all Certificates issued by the CertificateAuthority must match at least one listed Subject. If a Subject has an empty field, any value will be allowed for that field.

Parameter
NameDescription
var array<Google\Cloud\Security\PrivateCA\V1beta1\Subject>
Returns
TypeDescription
$this

getAllowedCommonNames

Optional. If any value is specified here, then all Certificates issued by the CertificateAuthority must match at least one listed value. If no value is specified, all values will be allowed for this fied. Glob patterns are also supported.

Returns
TypeDescription
Google\Protobuf\Internal\RepeatedField

setAllowedCommonNames

Optional. If any value is specified here, then all Certificates issued by the CertificateAuthority must match at least one listed value. If no value is specified, all values will be allowed for this fied. Glob patterns are also supported.

Parameter
NameDescription
var string[]
Returns
TypeDescription
$this

getAllowedSans

Optional. If a AllowedSubjectAltNames is specified here, then all Certificates issued by the CertificateAuthority must match AllowedSubjectAltNames. If no value or an empty value is specified, any value will be allowed for the SubjectAltNames field.

Returns
TypeDescription
Google\Cloud\Security\PrivateCA\V1beta1\CertificateAuthority\CertificateAuthorityPolicy\AllowedSubjectAltNames|null

hasAllowedSans

clearAllowedSans

setAllowedSans

Optional. If a AllowedSubjectAltNames is specified here, then all Certificates issued by the CertificateAuthority must match AllowedSubjectAltNames. If no value or an empty value is specified, any value will be allowed for the SubjectAltNames field.

Parameter
NameDescription
var Google\Cloud\Security\PrivateCA\V1beta1\CertificateAuthority\CertificateAuthorityPolicy\AllowedSubjectAltNames
Returns
TypeDescription
$this

getMaximumLifetime

Optional. The maximum lifetime allowed by the CertificateAuthority. Note that if the any part if the issuing chain expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated.

Returns
TypeDescription
Google\Protobuf\Duration|null

hasMaximumLifetime

clearMaximumLifetime

setMaximumLifetime

Optional. The maximum lifetime allowed by the CertificateAuthority. Note that if the any part if the issuing chain expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated.

Parameter
NameDescription
var Google\Protobuf\Duration
Returns
TypeDescription
$this

getAllowedIssuanceModes

Optional. If specified, then only methods allowed in the IssuanceModes may be used to issue Certificates.

Returns
TypeDescription
Google\Cloud\Security\PrivateCA\V1beta1\CertificateAuthority\CertificateAuthorityPolicy\IssuanceModes|null

hasAllowedIssuanceModes

clearAllowedIssuanceModes

setAllowedIssuanceModes

Optional. If specified, then only methods allowed in the IssuanceModes may be used to issue Certificates.

Parameter
NameDescription
var Google\Cloud\Security\PrivateCA\V1beta1\CertificateAuthority\CertificateAuthorityPolicy\IssuanceModes
Returns
TypeDescription
$this

getConfigPolicy

Returns
TypeDescription
string