Class IssuancePolicy
Defines controls over all certificate issuance within a CaPool.
Implements
Inherited Members
Namespace: Google.Apis.CertificateAuthorityService.v1.Data
Assembly: Google.Apis.CertificateAuthorityService.v1.dll
Syntax
public class IssuancePolicy : IDirectResponseSchemaProperties
AllowedIssuanceModes
Optional. If specified, then only methods allowed in the IssuanceModes may be used to issue Certificates.
Declaration
[JsonProperty("allowedIssuanceModes")]
public virtual IssuanceModes AllowedIssuanceModes { get; set; }Property Value
| Type | Description |
|---|---|
| IssuanceModes |
AllowedKeyTypes
Optional. If any AllowedKeyType is specified, then the certificate request's public key must match one of the key types listed here. Otherwise, any key may be used.
Declaration
[JsonProperty("allowedKeyTypes")]
public virtual IList<AllowedKeyType> AllowedKeyTypes { get; set; }Property Value
| Type | Description |
|---|---|
| IList<AllowedKeyType> |
BackdateDuration
Optional. The duration to backdate all certificates issued from this CaPool. If not set, the certificates will be issued with a not_before_time of the issuance time (i.e. the current time). If set, the certificates will be issued with a not_before_time of the issuance time minus the backdate_duration. The not_after_time will be adjusted to preserve the requested lifetime. The backdate_duration must be less than or equal to 48 hours.
Declaration
[JsonProperty("backdateDuration")]
public virtual object BackdateDuration { get; set; }Property Value
| Type | Description |
|---|---|
| object |
BaselineValues
Optional. A set of X.509 values that will be applied to all certificates issued through this CaPool. If a certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If a certificate request uses a CertificateTemplate that defines conflicting predefined_values for the same properties, the certificate issuance request will fail.
Declaration
[JsonProperty("baselineValues")]
public virtual X509Parameters BaselineValues { get; set; }Property Value
| Type | Description |
|---|---|
| X509Parameters |
ETag
The ETag of the item.
Declaration
public virtual string ETag { get; set; }Property Value
| Type | Description |
|---|---|
| string |
IdentityConstraints
Optional. Describes constraints on identities that may appear in Certificates issued through this CaPool. If this is omitted, then this CaPool will not add restrictions on a certificate's identity.
Declaration
[JsonProperty("identityConstraints")]
public virtual CertificateIdentityConstraints IdentityConstraints { get; set; }Property Value
| Type | Description |
|---|---|
| CertificateIdentityConstraints |
MaximumLifetime
Optional. The maximum lifetime allowed for issued Certificates. Note that if the issuing CertificateAuthority expires before a Certificate resource's requested maximum_lifetime, the effective lifetime will be explicitly truncated to match it.
Declaration
[JsonProperty("maximumLifetime")]
public virtual object MaximumLifetime { get; set; }Property Value
| Type | Description |
|---|---|
| object |
PassthroughExtensions
Optional. Describes the set of X.509 extensions that may appear in a Certificate issued through this CaPool. If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be dropped. If a certificate request uses a CertificateTemplate with predefined_values that don't appear here, the certificate issuance request will fail. If this is omitted, then this CaPool will not add restrictions on a certificate's X.509 extensions. These constraints do not apply to X.509 extensions set in this CaPool's baseline_values.
Declaration
[JsonProperty("passthroughExtensions")]
public virtual CertificateExtensionConstraints PassthroughExtensions { get; set; }Property Value
| Type | Description |
|---|---|
| CertificateExtensionConstraints |