class Google::Apis::PrivatecaV1beta1::CertificateAuthorityPolicy
The issuing policy for a CertificateAuthority
. Certificates will not be successfully issued from this CertificateAuthority
if they violate the policy.
Attributes
Optional. If any value is specified here, then all Certificates issued by the CertificateAuthority
must match at least one listed value. If no value is specified, all values will be allowed for this fied. Glob patterns are also supported. Corresponds to the JSON property `allowedCommonNames` @return [Array<String>]
Optional. All Certificates issued by the CertificateAuthority
must match at least one listed ReusableConfigWrapper
in the list. Corresponds to the JSON property `allowedConfigList` @return [Google::Apis::PrivatecaV1beta1::AllowedConfigList]
IssuanceModes
specifies the allowed ways in which Certificates may be requested from this CertificateAuthority
. Corresponds to the JSON property `allowedIssuanceModes` @return [Google::Apis::PrivatecaV1beta1::IssuanceModes]
Optional. If any Subject
is specified here, then all Certificates issued by the CertificateAuthority
must match at least one listed Subject
. If a Subject
has an empty field, any value will be allowed for that field. Corresponds to the JSON property `allowedLocationsAndOrganizations` @return [Array<Google::Apis::PrivatecaV1beta1::Subject>]
AllowedSubjectAltNames
specifies the allowed values for SubjectAltNames
by the CertificateAuthority
when issuing Certificates. Corresponds to the JSON property `allowedSans` @return [Google::Apis::PrivatecaV1beta1::AllowedSubjectAltNames]
Optional. The maximum lifetime allowed by the CertificateAuthority
. Note that if the any part if the issuing chain expires before a Certificate's requested maximum_lifetime
, the effective lifetime will be explicitly truncated. Corresponds to the JSON property `maximumLifetime` @return [String]
A ReusableConfigWrapper
describes values that may assist in creating an X.509 certificate, or a reference to a pre-defined set of values. Corresponds to the JSON property `overwriteConfigValues` @return [Google::Apis::PrivatecaV1beta1::ReusableConfigWrapper]
Public Class Methods
# File lib/google/apis/privateca_v1beta1/classes.rb, line 641 def initialize(**args) update!(**args) end
Public Instance Methods
Update properties of this object
# File lib/google/apis/privateca_v1beta1/classes.rb, line 646 def update!(**args) @allowed_common_names = args[:allowed_common_names] if args.key?(:allowed_common_names) @allowed_config_list = args[:allowed_config_list] if args.key?(:allowed_config_list) @allowed_issuance_modes = args[:allowed_issuance_modes] if args.key?(:allowed_issuance_modes) @allowed_locations_and_organizations = args[:allowed_locations_and_organizations] if args.key?(:allowed_locations_and_organizations) @allowed_sans = args[:allowed_sans] if args.key?(:allowed_sans) @maximum_lifetime = args[:maximum_lifetime] if args.key?(:maximum_lifetime) @overwrite_config_values = args[:overwrite_config_values] if args.key?(:overwrite_config_values) end