Class: Google::Cloud::Security::PrivateCA::V1::CertificateExtensionConstraints

Inherits:
Object
  • Object
show all
Extended by:
Protobuf::MessageExts::ClassMethods
Includes:
Protobuf::MessageExts
Defined in:
proto_docs/google/cloud/security/privateca/v1/resources.rb

Overview

Describes a set of X.509 extensions that may be part of some certificate issuance controls.

Defined Under Namespace

Modules: KnownCertificateExtension

Instance Attribute Summary collapse

Instance Attribute Details

#additional_extensions::Array<::Google::Cloud::Security::PrivateCA::V1::ObjectId>

Returns Optional. A set of ObjectIds identifying custom X.509 extensions. Will be combined with known_extensions to determine the full set of X.509 extensions.

Returns:



1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
# File 'proto_docs/google/cloud/security/privateca/v1/resources.rb', line 1083

class CertificateExtensionConstraints
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Describes well-known X.509 extensions that can appear in a {::Google::Cloud::Security::PrivateCA::V1::Certificate Certificate},
  # not including the {::Google::Cloud::Security::PrivateCA::V1::SubjectAltNames SubjectAltNames} extension.
  module KnownCertificateExtension
    # Not specified.
    KNOWN_CERTIFICATE_EXTENSION_UNSPECIFIED = 0

    # Refers to a certificate's Key Usage extension, as described in [RFC 5280
    # section 4.2.1.3](https://tools.ietf.org/html/rfc5280#section-4.2.1.3).
    # This corresponds to the {::Google::Cloud::Security::PrivateCA::V1::KeyUsage#base_key_usage KeyUsage.base_key_usage} field.
    BASE_KEY_USAGE = 1

    # Refers to a certificate's Extended Key Usage extension, as described in
    # [RFC 5280
    # section 4.2.1.12](https://tools.ietf.org/html/rfc5280#section-4.2.1.12).
    # This corresponds to the {::Google::Cloud::Security::PrivateCA::V1::KeyUsage#extended_key_usage KeyUsage.extended_key_usage} message.
    EXTENDED_KEY_USAGE = 2

    # Refers to a certificate's Basic Constraints extension, as described in
    # [RFC 5280
    # section 4.2.1.9](https://tools.ietf.org/html/rfc5280#section-4.2.1.9).
    # This corresponds to the {::Google::Cloud::Security::PrivateCA::V1::X509Parameters#ca_options X509Parameters.ca_options} field.
    CA_OPTIONS = 3

    # Refers to a certificate's Policy object identifiers, as described in
    # [RFC 5280
    # section 4.2.1.4](https://tools.ietf.org/html/rfc5280#section-4.2.1.4).
    # This corresponds to the {::Google::Cloud::Security::PrivateCA::V1::X509Parameters#policy_ids X509Parameters.policy_ids} field.
    POLICY_IDS = 4

    # Refers to OCSP servers in a certificate's Authority Information Access
    # extension, as described in
    # [RFC 5280
    # section 4.2.2.1](https://tools.ietf.org/html/rfc5280#section-4.2.2.1),
    # This corresponds to the {::Google::Cloud::Security::PrivateCA::V1::X509Parameters#aia_ocsp_servers X509Parameters.aia_ocsp_servers} field.
    AIA_OCSP_SERVERS = 5
  end
end

#known_extensions::Array<::Google::Cloud::Security::PrivateCA::V1::CertificateExtensionConstraints::KnownCertificateExtension>

Returns Optional. A set of named X.509 extensions. Will be combined with additional_extensions to determine the full set of X.509 extensions.

Returns:



1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
# File 'proto_docs/google/cloud/security/privateca/v1/resources.rb', line 1083

class CertificateExtensionConstraints
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Describes well-known X.509 extensions that can appear in a {::Google::Cloud::Security::PrivateCA::V1::Certificate Certificate},
  # not including the {::Google::Cloud::Security::PrivateCA::V1::SubjectAltNames SubjectAltNames} extension.
  module KnownCertificateExtension
    # Not specified.
    KNOWN_CERTIFICATE_EXTENSION_UNSPECIFIED = 0

    # Refers to a certificate's Key Usage extension, as described in [RFC 5280
    # section 4.2.1.3](https://tools.ietf.org/html/rfc5280#section-4.2.1.3).
    # This corresponds to the {::Google::Cloud::Security::PrivateCA::V1::KeyUsage#base_key_usage KeyUsage.base_key_usage} field.
    BASE_KEY_USAGE = 1

    # Refers to a certificate's Extended Key Usage extension, as described in
    # [RFC 5280
    # section 4.2.1.12](https://tools.ietf.org/html/rfc5280#section-4.2.1.12).
    # This corresponds to the {::Google::Cloud::Security::PrivateCA::V1::KeyUsage#extended_key_usage KeyUsage.extended_key_usage} message.
    EXTENDED_KEY_USAGE = 2

    # Refers to a certificate's Basic Constraints extension, as described in
    # [RFC 5280
    # section 4.2.1.9](https://tools.ietf.org/html/rfc5280#section-4.2.1.9).
    # This corresponds to the {::Google::Cloud::Security::PrivateCA::V1::X509Parameters#ca_options X509Parameters.ca_options} field.
    CA_OPTIONS = 3

    # Refers to a certificate's Policy object identifiers, as described in
    # [RFC 5280
    # section 4.2.1.4](https://tools.ietf.org/html/rfc5280#section-4.2.1.4).
    # This corresponds to the {::Google::Cloud::Security::PrivateCA::V1::X509Parameters#policy_ids X509Parameters.policy_ids} field.
    POLICY_IDS = 4

    # Refers to OCSP servers in a certificate's Authority Information Access
    # extension, as described in
    # [RFC 5280
    # section 4.2.2.1](https://tools.ietf.org/html/rfc5280#section-4.2.2.1),
    # This corresponds to the {::Google::Cloud::Security::PrivateCA::V1::X509Parameters#aia_ocsp_servers X509Parameters.aia_ocsp_servers} field.
    AIA_OCSP_SERVERS = 5
  end
end