Package software.amazon.awscdk.services.acmpca

Class CfnCertificateAuthorityProps.Jsii$Proxy

java.lang.Object
software.amazon.jsii.JsiiObject
software.amazon.awscdk.services.acmpca.CfnCertificateAuthorityProps.Jsii$Proxy
All Implemented Interfaces:
CfnCertificateAuthorityProps, software.amazon.jsii.JsiiSerializable
Enclosing interface:
CfnCertificateAuthorityProps
@Stability(Stable) @Internal public static final class CfnCertificateAuthorityProps.Jsii$Proxy extends software.amazon.jsii.JsiiObject implements CfnCertificateAuthorityProps
An implementation for CfnCertificateAuthorityProps

  • Constructor Details

    • Jsii$Proxy

      protected Jsii$Proxy(software.amazon.jsii.JsiiObjectRef objRef)
      Constructor that initializes the object based on values retrieved from the JsiiObject.
      Parameters:
      objRef - Reference to the JSII managed object.

    • Jsii$Proxy

      protected Jsii$Proxy(CfnCertificateAuthorityProps.Builder builder)
      Constructor that initializes the object based on literal property values passed by the CfnCertificateAuthorityProps.Builder.

  • Method Details

    • getKeyAlgorithm

      public final String getKeyAlgorithm()
      Description copied from interface: CfnCertificateAuthorityProps
      Type of the public key algorithm and size, in bits, of the key pair that your CA creates when it issues a certificate.

      When you create a subordinate CA, you must use a key algorithm supported by the parent CA.

      Specified by:
      getKeyAlgorithm in interface CfnCertificateAuthorityProps

    • getSigningAlgorithm

      public final String getSigningAlgorithm()
      Description copied from interface: CfnCertificateAuthorityProps
      Name of the algorithm your private CA uses to sign certificate requests.

      This parameter should not be confused with the SigningAlgorithm parameter used to sign certificates when they are issued.

      Specified by:
      getSigningAlgorithm in interface CfnCertificateAuthorityProps

    • getSubject

      public final Object getSubject()
      Description copied from interface: CfnCertificateAuthorityProps
      Structure that contains X.500 distinguished name information for your private CA.
      Specified by:
      getSubject in interface CfnCertificateAuthorityProps

    • getType

      public final String getType()
      Description copied from interface: CfnCertificateAuthorityProps
      Type of your private CA.
      Specified by:
      getType in interface CfnCertificateAuthorityProps

    • getCsrExtensions

      public final Object getCsrExtensions()
      Description copied from interface: CfnCertificateAuthorityProps
      Specifies information to be added to the extension section of the certificate signing request (CSR).
      Specified by:
      getCsrExtensions in interface CfnCertificateAuthorityProps

    • getKeyStorageSecurityStandard

      public final String getKeyStorageSecurityStandard()
      Description copied from interface: CfnCertificateAuthorityProps
      Specifies a cryptographic key management compliance standard used for handling CA keys.

      Default: FIPS_140_2_LEVEL_3_OR_HIGHER

      Some AWS Regions do not support the default. When creating a CA in these Regions, you must provide FIPS_140_2_LEVEL_2_OR_HIGHER as the argument for KeyStorageSecurityStandard . Failure to do this results in an InvalidArgsException with the message, "A certificate authority cannot be created in this region with the specified security standard."

      For information about security standard support in various Regions, see Storage and security compliance of AWS Private CA private keys .

      Specified by:
      getKeyStorageSecurityStandard in interface CfnCertificateAuthorityProps

    • getRevocationConfiguration

      public final Object getRevocationConfiguration()
      Description copied from interface: CfnCertificateAuthorityProps
      Certificate revocation information used by the CreateCertificateAuthority and UpdateCertificateAuthority actions. Your private certificate authority (CA) can configure Online Certificate Status Protocol (OCSP) support and/or maintain a certificate revocation list (CRL). OCSP returns validation information about certificates as requested by clients, and a CRL contains an updated list of certificates revoked by your CA. For more information, see RevokeCertificate in the AWS Private CA API Reference and Setting up a certificate revocation method in the AWS Private CA User Guide .

      The following requirements apply to revocation configurations.

      • A configuration disabling CRLs or OCSP must contain only the Enabled=False parameter, and will fail if other parameters such as CustomCname or ExpirationInDays are included.
      • In a CRL configuration, the S3BucketName parameter must conform to the Amazon S3 bucket naming rules .
      • A configuration containing a custom Canonical Name (CNAME) parameter for CRLs or OCSP must conform to RFC2396 restrictions on the use of special characters in a CNAME.
      • In a CRL or OCSP configuration, the value of a CNAME parameter must not include a protocol prefix such as "http://" or "https://".

      Specified by:
      getRevocationConfiguration in interface CfnCertificateAuthorityProps

    • getTags

      public final List<CfnTag> getTags()
      Description copied from interface: CfnCertificateAuthorityProps
      Key-value pairs that will be attached to the new private CA.

      You can associate up to 50 tags with a private CA. For information using tags with IAM to manage permissions, see Controlling Access Using IAM Tags .

      Specified by:
      getTags in interface CfnCertificateAuthorityProps

    • getUsageMode

      public final String getUsageMode()
      Description copied from interface: CfnCertificateAuthorityProps
      Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly.

      Short-lived certificate validity is limited to seven days.

      The default value is GENERAL_PURPOSE.

      Specified by:
      getUsageMode in interface CfnCertificateAuthorityProps

    • $jsii$toJson

      @Internal public com.fasterxml.jackson.databind.JsonNode $jsii$toJson()
      Specified by:
      $jsii$toJson in interface software.amazon.jsii.JsiiSerializable

    • equals

      public final boolean equals(Object o)
      Overrides:
      equals in class Object

    • hashCode

      public final int hashCode()
      Overrides:
      hashCode in class Object