Class CertificateAuthority.Types.CertificateAuthorityPolicy

The issuing policy for a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]. [Certificates][google.cloud.security.privateca.v1beta1.Certificate] will not be successfully issued from this [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] if they violate the policy.

Inheritance

System.Object

CertificateAuthority.Types.CertificateAuthorityPolicy

Implements

IMessage<CertificateAuthority.Types.CertificateAuthorityPolicy>

System.IEquatable<CertificateAuthority.Types.CertificateAuthorityPolicy>

IDeepCloneable<CertificateAuthority.Types.CertificateAuthorityPolicy>

Google.Protobuf.IBufferMessage

IMessage

Inherited Members

System.Object.ToString()

System.Object.GetHashCode()

System.Object.GetType()

System.Object.MemberwiseClone()

Namespace: Google.Cloud.Security.PrivateCA.V1Beta1

Assembly: Google.Cloud.Security.PrivateCA.V1Beta1.dll

Syntax

public sealed class CertificateAuthorityPolicy : IMessage<CertificateAuthority.Types.CertificateAuthorityPolicy>, IEquatable<CertificateAuthority.Types.CertificateAuthorityPolicy>, IDeepCloneable<CertificateAuthority.Types.CertificateAuthorityPolicy>, IBufferMessage, IMessage

Constructors

CertificateAuthorityPolicy()

Declaration

public CertificateAuthorityPolicy()

CertificateAuthorityPolicy(CertificateAuthority.Types.CertificateAuthorityPolicy)

Declaration

public CertificateAuthorityPolicy(CertificateAuthority.Types.CertificateAuthorityPolicy other)

Parameters

Type	Name	Description
CertificateAuthority.Types.CertificateAuthorityPolicy	other

Properties

AllowedCommonNames

Optional. If any value is specified here, then all [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] must match at least one listed value. If no value is specified, all values will be allowed for this fied. Glob patterns are also supported.

Declaration

public RepeatedField<string> AllowedCommonNames { get; }

Property Value

Type	Description
RepeatedField<System.String>

AllowedConfigList

Optional. All [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] must match at least one listed [ReusableConfigWrapper][google.cloud.security.privateca.v1beta1.ReusableConfigWrapper] in the list.

Declaration

public CertificateAuthority.Types.CertificateAuthorityPolicy.Types.AllowedConfigList AllowedConfigList { get; set; }

Property Value

Type	Description
CertificateAuthority.Types.CertificateAuthorityPolicy.Types.AllowedConfigList

AllowedIssuanceModes

Optional. If specified, then only methods allowed in the [IssuanceModes][google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy.IssuanceModes] may be used to issue [Certificates][google.cloud.security.privateca.v1beta1.Certificate].

Declaration

public CertificateAuthority.Types.CertificateAuthorityPolicy.Types.IssuanceModes AllowedIssuanceModes { get; set; }

Property Value

Type	Description
CertificateAuthority.Types.CertificateAuthorityPolicy.Types.IssuanceModes

AllowedLocationsAndOrganizations

Optional. If any [Subject][google.cloud.security.privateca.v1beta1.Subject] is specified here, then all [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] must match at least one listed [Subject][google.cloud.security.privateca.v1beta1.Subject]. If a [Subject][google.cloud.security.privateca.v1beta1.Subject] has an empty field, any value will be allowed for that field.

Declaration

public RepeatedField<Subject> AllowedLocationsAndOrganizations { get; }

Property Value

Type	Description
RepeatedField<Subject>

AllowedSans

Optional. If a [AllowedSubjectAltNames][google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy.AllowedSubjectAltNames] is specified here, then all [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] must match [AllowedSubjectAltNames][google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy.AllowedSubjectAltNames]. If no value or an empty value is specified, any value will be allowed for the [SubjectAltNames][google.cloud.security.privateca.v1beta1.SubjectAltNames] field.

Declaration

public CertificateAuthority.Types.CertificateAuthorityPolicy.Types.AllowedSubjectAltNames AllowedSans { get; set; }

Property Value

Type	Description
CertificateAuthority.Types.CertificateAuthorityPolicy.Types.AllowedSubjectAltNames

ConfigPolicyCase

Declaration

public CertificateAuthority.Types.CertificateAuthorityPolicy.ConfigPolicyOneofCase ConfigPolicyCase { get; }

Property Value

Type	Description
CertificateAuthority.Types.CertificateAuthorityPolicy.ConfigPolicyOneofCase

MaximumLifetime

Optional. The maximum lifetime allowed by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]. Note that if the any part if the issuing chain expires before a [Certificate][google.cloud.security.privateca.v1beta1.Certificate]'s requested maximum_lifetime, the effective lifetime will be explicitly truncated.

Declaration

public Duration MaximumLifetime { get; set; }

Property Value

Type	Description
Duration

OverwriteConfigValues

Optional. All [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] will use the provided configuration values, overwriting any requested configuration values.

Declaration

public ReusableConfigWrapper OverwriteConfigValues { get; set; }

Property Value

Type	Description
ReusableConfigWrapper