class Aws::ACMPCA::Types::Extensions
Contains X.509 extension information for a certificate.
@note When making an API call, you may pass Extensions
data as a hash: { certificate_policies: [ { cert_policy_id: "CustomObjectIdentifier", # required policy_qualifiers: [ { policy_qualifier_id: "CPS", # required, accepts CPS qualifier: { # required cps_uri: "String256", # required }, }, ], }, ], extended_key_usage: [ { extended_key_usage_type: "SERVER_AUTH", # accepts SERVER_AUTH, CLIENT_AUTH, CODE_SIGNING, EMAIL_PROTECTION, TIME_STAMPING, OCSP_SIGNING, SMART_CARD_LOGIN, DOCUMENT_SIGNING, CERTIFICATE_TRANSPARENCY extended_key_usage_object_identifier: "CustomObjectIdentifier", }, ], key_usage: { digital_signature: false, non_repudiation: false, key_encipherment: false, data_encipherment: false, key_agreement: false, key_cert_sign: false, crl_sign: false, encipher_only: false, decipher_only: false, }, subject_alternative_names: [ { other_name: { type_id: "CustomObjectIdentifier", # required value: "String256", # required }, rfc_822_name: "String256", dns_name: "String253", directory_name: { country: "CountryCodeString", organization: "String64", organizational_unit: "String64", distinguished_name_qualifier: "ASN1PrintableString64", state: "String128", common_name: "String64", serial_number: "ASN1PrintableString64", locality: "String128", title: "String64", surname: "String40", given_name: "String16", initials: "String5", pseudonym: "String128", generation_qualifier: "String3", }, edi_party_name: { party_name: "String256", # required name_assigner: "String256", }, uniform_resource_identifier: "String253", ip_address: "String39", registered_id: "CustomObjectIdentifier", }, ], }
@!attribute [rw] certificate_policies
Contains a sequence of one or more policy information terms, each of which consists of an object identifier (OID) and optional qualifiers. For more information, see NIST's definition of [Object Identifier (OID)][1]. In an end-entity certificate, these terms indicate the policy under which the certificate was issued and the purposes for which it may be used. In a CA certificate, these terms limit the set of policies for certification paths that include this certificate. [1]: https://csrc.nist.gov/glossary/term/Object_Identifier @return [Array<Types::PolicyInformation>]
@!attribute [rw] extended_key_usage
Specifies additional purposes for which the certified public key may be used other than basic purposes indicated in the `KeyUsage` extension. @return [Array<Types::ExtendedKeyUsage>]
@!attribute [rw] key_usage
Defines one or more purposes for which the key contained in the certificate can be used. Default value for each option is false. @return [Types::KeyUsage]
@!attribute [rw] subject_alternative_names
The subject alternative name extension allows identities to be bound to the subject of the certificate. These identities may be included in addition to or in place of the identity in the subject field of the certificate. @return [Array<Types::GeneralName>]
@see docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/Extensions AWS API Documentation
Constants
- SENSITIVE