Google Certificate Authority Service V1beta1 Client - Class CertificateAuthorityPolicy (1.7.3)

Reference documentation and code samples for the Google Certificate Authority Service V1beta1 Client class CertificateAuthorityPolicy.

The issuing policy for a CertificateAuthority.

Certificates will not be successfully issued from this CertificateAuthority if they violate the policy.

Generated from protobuf message google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy

Namespace

Google \ Cloud \ Security \ PrivateCA \ V1beta1 \ CertificateAuthority

Methods

__construct

Constructor.

Parameters
Name Description
data array

Optional. Data for populating the Message object.

↳ allowed_config_list Google\Cloud\Security\PrivateCA\V1beta1\CertificateAuthority\CertificateAuthorityPolicy\AllowedConfigList

Optional. All Certificates issued by the CertificateAuthority must match at least one listed ReusableConfigWrapper in the list.

↳ overwrite_config_values Google\Cloud\Security\PrivateCA\V1beta1\ReusableConfigWrapper

Optional. All Certificates issued by the CertificateAuthority will use the provided configuration values, overwriting any requested configuration values.

↳ allowed_locations_and_organizations array<Google\Cloud\Security\PrivateCA\V1beta1\Subject>

Optional. If any Subject is specified here, then all Certificates issued by the CertificateAuthority must match at least one listed Subject. If a Subject has an empty field, any value will be allowed for that field.

↳ allowed_common_names array

Optional. If any value is specified here, then all Certificates issued by the CertificateAuthority must match at least one listed value. If no value is specified, all values will be allowed for this fied. Glob patterns are also supported.

↳ allowed_sans Google\Cloud\Security\PrivateCA\V1beta1\CertificateAuthority\CertificateAuthorityPolicy\AllowedSubjectAltNames

Optional. If a AllowedSubjectAltNames is specified here, then all Certificates issued by the CertificateAuthority must match AllowedSubjectAltNames. If no value or an empty value is specified, any value will be allowed for the SubjectAltNames field.

↳ maximum_lifetime Google\Protobuf\Duration

Optional. The maximum lifetime allowed by the CertificateAuthority. Note that if the any part if the issuing chain expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated.

↳ allowed_issuance_modes Google\Cloud\Security\PrivateCA\V1beta1\CertificateAuthority\CertificateAuthorityPolicy\IssuanceModes

Optional. If specified, then only methods allowed in the IssuanceModes may be used to issue Certificates.

getAllowedConfigList

Optional. All Certificates issued by the CertificateAuthority must match at least one listed ReusableConfigWrapper in the list.

hasAllowedConfigList

setAllowedConfigList

Optional. All Certificates issued by the CertificateAuthority must match at least one listed ReusableConfigWrapper in the list.

Returns
Type Description
$this

getOverwriteConfigValues

Optional. All Certificates issued by the CertificateAuthority will use the provided configuration values, overwriting any requested configuration values.

hasOverwriteConfigValues

setOverwriteConfigValues

Optional. All Certificates issued by the CertificateAuthority will use the provided configuration values, overwriting any requested configuration values.

Returns
Type Description
$this

getAllowedLocationsAndOrganizations

Optional. If any Subject is specified here, then all Certificates issued by the CertificateAuthority must match at least one listed Subject. If a Subject has an empty field, any value will be allowed for that field.

Returns
Type Description
Google\Protobuf\Internal\RepeatedField

setAllowedLocationsAndOrganizations

Optional. If any Subject is specified here, then all Certificates issued by the CertificateAuthority must match at least one listed Subject. If a Subject has an empty field, any value will be allowed for that field.

Parameter
Name Description
var array<Google\Cloud\Security\PrivateCA\V1beta1\Subject>
Returns
Type Description
$this

getAllowedCommonNames

Optional. If any value is specified here, then all Certificates issued by the CertificateAuthority must match at least one listed value. If no value is specified, all values will be allowed for this fied. Glob patterns are also supported.

Returns
Type Description
Google\Protobuf\Internal\RepeatedField

setAllowedCommonNames

Optional. If any value is specified here, then all Certificates issued by the CertificateAuthority must match at least one listed value. If no value is specified, all values will be allowed for this fied. Glob patterns are also supported.

Parameter
Name Description
var string[]
Returns
Type Description
$this

getAllowedSans

Optional. If a AllowedSubjectAltNames is specified here, then all Certificates issued by the CertificateAuthority must match AllowedSubjectAltNames. If no value or an empty value is specified, any value will be allowed for the SubjectAltNames field.

hasAllowedSans

clearAllowedSans

setAllowedSans

Optional. If a AllowedSubjectAltNames is specified here, then all Certificates issued by the CertificateAuthority must match AllowedSubjectAltNames. If no value or an empty value is specified, any value will be allowed for the SubjectAltNames field.

Returns
Type Description
$this

getMaximumLifetime

Optional. The maximum lifetime allowed by the CertificateAuthority. Note that if the any part if the issuing chain expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated.

Returns
Type Description
Google\Protobuf\Duration|null

hasMaximumLifetime

clearMaximumLifetime

setMaximumLifetime

Optional. The maximum lifetime allowed by the CertificateAuthority. Note that if the any part if the issuing chain expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated.

Parameter
Name Description
var Google\Protobuf\Duration
Returns
Type Description
$this

getAllowedIssuanceModes

Optional. If specified, then only methods allowed in the IssuanceModes may be used to issue Certificates.

hasAllowedIssuanceModes

clearAllowedIssuanceModes

setAllowedIssuanceModes

Optional. If specified, then only methods allowed in the IssuanceModes may be used to issue Certificates.

Returns
Type Description
$this

getConfigPolicy

Returns
Type Description
string