Interface CfnTemplate.EnrollmentFlagsV4Property
- All Superinterfaces:
software.amazon.jsii.JsiiSerializable
- All Known Implementing Classes:
CfnTemplate.EnrollmentFlagsV4Property.Jsii$Proxy
- Enclosing class:
CfnTemplate
@Stability(Stable)
public static interface CfnTemplate.EnrollmentFlagsV4Property
extends software.amazon.jsii.JsiiSerializable
Template configurations for v4 template schema.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import software.amazon.awscdk.services.pcaconnectorad.*; EnrollmentFlagsV4Property enrollmentFlagsV4Property = EnrollmentFlagsV4Property.builder() .enableKeyReuseOnNtTokenKeysetStorageFull(false) .includeSymmetricAlgorithms(false) .noSecurityExtension(false) .removeInvalidCertificateFromPersonalStore(false) .userInteractionRequired(false) .build();
- See Also:
-
Nested Class Summary
Modifier and TypeInterfaceDescriptionstatic final class
A builder forCfnTemplate.EnrollmentFlagsV4Property
static final class
An implementation forCfnTemplate.EnrollmentFlagsV4Property
-
Method Summary
Modifier and TypeMethodDescriptionbuilder()
default Object
Allow renewal using the same key.default Object
Include symmetric algorithms allowed by the subject.default Object
This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate.default Object
Delete expired or revoked certificates instead of archiving them.default Object
Require user interaction when the subject is enrolled and the private key associated with the certificate is used.Methods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson
-
Method Details
-
getEnableKeyReuseOnNtTokenKeysetStorageFull
Allow renewal using the same key.- See Also:
-
getIncludeSymmetricAlgorithms
Include symmetric algorithms allowed by the subject.- See Also:
-
getNoSecurityExtension
This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.- See Also:
-
getRemoveInvalidCertificateFromPersonalStore
Delete expired or revoked certificates instead of archiving them.- See Also:
-
getUserInteractionRequired
Require user interaction when the subject is enrolled and the private key associated with the certificate is used.- See Also:
-
builder
-