PkiRole.Request |
PkiRole.Request.addAllowedDomain(String domain) |
Specifies the domains of the role.
|
PkiRole.Request |
PkiRole.Request.addAllowedOtherSan(String subjectAlternativeName) |
Defines allowed custom OID/UTF8-string SANs.
|
PkiRole.Request |
PkiRole.Request.addAllowedUriSan(String subjectAlternativeName) |
Defines allowed URI Subject Alternative Names.
|
PkiRole.Request |
PkiRole.Request.addCountry(String country) |
Adds the C (Country) value in the subject field of issued certificates.
|
PkiRole.Request |
PkiRole.Request.addExtKeyUsage(String extKeyUsage) |
Specifies the allowed extended key usage constraint on issued certificates.
|
PkiRole.Request |
PkiRole.Request.addExtKeyUsageOid(String extKeyUsageOid) |
Add an extended usage OID.
|
PkiRole.Request |
PkiRole.Request.addLocality(String locality) |
Adds the L (Locality) value in the subject field of issued certificates.
|
PkiRole.Request |
PkiRole.Request.addOrg(String org) |
Adds an O (Organization) value in the subject field of issued certificates.
|
PkiRole.Request |
PkiRole.Request.addOrgUnit(String orgUnit) |
Adds an OU (OrganizationalUnit) value in the subject field of issued certificates.
|
PkiRole.Request |
PkiRole.Request.addPolicyIdentifier(String policyIdentifierOid) |
Add a policy identifier OID.
|
PkiRole.Request |
PkiRole.Request.addPostalCode(String postalCode) |
Adds a Postal Code values in the subject field of issued certificates.
|
PkiRole.Request |
PkiRole.Request.addProvince(String province) |
Adds the ST (Province) values in the subject field of issued certificates.
|
PkiRole.Request |
PkiRole.Request.addStreetAddress(String streetAddress) |
Adds a Street Address values in the subject field of issued certificates.
|
PkiRole.Request |
PkiRole.Request.allowAnyName(boolean allowAnyName) |
Specifies if clients can request any CN.
|
PkiRole.Request |
PkiRole.Request.allowBareDomains(boolean allowBareDomains) |
Specifies if clients can request certificates matching the value of the actual domains themselves; e.g.
|
PkiRole.Request |
PkiRole.Request.allowedDomainTemplates(boolean allowDomainTemplates) |
|
PkiRole.Request |
PkiRole.Request.allowGlobDomains(boolean allowGlobDomains) |
Allows names specified in allowed_domains to contain glob patterns (e.g.
|
PkiRole.Request |
PkiRole.Request.allowIpSans(boolean allowIpSans) |
Specifies if clients can request IP Subject Alternative Names.
|
PkiRole.Request |
PkiRole.Request.allowLocalhost(boolean allowLocalhost) |
Specifies if clients can request certificates for localhost as one of the requested common names.
|
PkiRole.Request |
PkiRole.Request.allowSubDomains(boolean allowSubDomains) |
Specifies if clients can request certificates with CNs that are subdomains of the CNs allowed by the other role options.
|
PkiRole.Request |
PkiRole.Request.basicConstraintsValidForNonCa(boolean basicConstraintsValidForNonCa) |
Mark Basic Constraints valid when issuing non-CA certificates.
|
static PkiRole.Request |
PkiRole.Request.builder() |
Fluent API builder for configuring a request.
|
PkiRole.Request |
PkiRole.Request.clientFlag(boolean clientFlag) |
Specifies if certificates are flagged for client use.
|
PkiRole.Request |
PkiRole.Request.codeSigningFlag(boolean codeSigningFlag) |
Specifies if certificates are flagged for code signing use.
|
PkiRole.Request |
PkiRole.Request.emailProtectionFlag(boolean emailProtectionFlag) |
Specifies if certificates are flagged for email protection use.
|
PkiRole.Request |
PkiRole.Request.enforceHostnames(boolean enforceHostnames) |
Specifies if only valid host names are allowed for CNs, DNS SANs, and the host part of email addresses.
|
PkiRole.Request |
PkiRole.Request.generateLease(boolean generateLease) |
Specifies if certificates issued/signed against this role will have Vault leases attached to them.
|
PkiRole.Request |
PkiRole.Request.keyBits(int keyBits) |
Specifies the number of bits to use for the generated keys.
|
PkiRole.Request |
PkiRole.Request.keyType(String keyType) |
Specifies the type of key to generate for generated private keys and the type of key expected for submitted CSRs.
|
PkiRole.Request |
PkiRole.Request.keyUsage(List<String> keyUsage) |
Configure list of usages.
|
PkiRole.Request |
PkiRole.Request.maxTtl(Duration maxTtl) |
Specifies the maximum Time To Live.
|
PkiRole.Request |
PkiRole.Request.noStore(boolean noStore) |
If set, certificates issued/signed against this role will not be stored in the storage backend.
|
PkiRole.Request |
PkiRole.Request.notBeforeDuration(Duration notBeforeDuration) |
Specifies the duration by which to backdate the NotBefore property.
|
PkiRole.Request |
PkiRole.Request.requireCn(boolean requireCn) |
If set to false, makes the common name field optional while generating a certificate.
|
PkiRole.Request |
PkiRole.Request.roleName(String roleName) |
Configure role name.
|
PkiRole.Request |
PkiRole.Request.serialNumber(String serialNumber) |
Specifies the Serial Number, if any.
|
PkiRole.Request |
PkiRole.Request.serverFlag(boolean serverFlag) |
Specifies if certificates are flagged for server use.
|
PkiRole.Request |
PkiRole.Request.ttl(Duration ttl) |
Specifies the Time To Live value.
|
PkiRole.Request |
PkiRole.Request.useCsrCommonName(boolean useCsrCommonName) |
When used with the CSR signing endpoint, the common name in the CSR will be used instead of taken from the JSON data.
|
PkiRole.Request |
PkiRole.Request.useCsrSans(boolean useCsrSans) |
When used with the CSR signing endpoint, the subject alternate names in the CSR will be used instead of taken from the
JSON data.
|