Describes well-known X.509 extensions that can appear in a [Certificate][google.cloud.security.privateca.v1.Certificate],
not including the [SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames] extension.
Refers to OCSP servers in a certificate's Authority Information Access
extension, as described in
RFC 5280
section 4.2.2.1,
This corresponds to the [X509Parameters.aia_ocsp_servers][google.cloud.security.privateca.v1.X509Parameters.aia_ocsp_servers] field.
BaseKeyUsage
Refers to a certificate's Key Usage extension, as described in RFC 5280
section 4.2.1.3.
This corresponds to the [KeyUsage.base_key_usage][google.cloud.security.privateca.v1.KeyUsage.base_key_usage] field.
CaOptions
Refers to a certificate's Basic Constraints extension, as described in
RFC 5280
section 4.2.1.9.
This corresponds to the [X509Parameters.ca_options][google.cloud.security.privateca.v1.X509Parameters.ca_options] field.
ExtendedKeyUsage
Refers to a certificate's Extended Key Usage extension, as described in
RFC 5280
section 4.2.1.12.
This corresponds to the [KeyUsage.extended_key_usage][google.cloud.security.privateca.v1.KeyUsage.extended_key_usage] message.
PolicyIds
Refers to a certificate's Policy object identifiers, as described in
RFC 5280
section 4.2.1.4.
This corresponds to the [X509Parameters.policy_ids][google.cloud.security.privateca.v1.X509Parameters.policy_ids] field.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-04-17 UTC."],[[["This page provides documentation for the `KnownCertificateExtension` enum within the `Google.Cloud.Security.PrivateCA.V1` namespace, detailing well-known X.509 certificate extensions."],["The documentation covers various versions of the `KnownCertificateExtension`, ranging from version 1.0.0 to the latest 3.9.0, with version 2.2.0 being the default."],["The `KnownCertificateExtension` enum includes fields such as `AiaOcspServers`, `BaseKeyUsage`, `CaOptions`, `ExtendedKeyUsage`, `PolicyIds`, and `Unspecified`, each corresponding to specific X.509 extensions or a lack of specification."],["Each field within the `KnownCertificateExtension` enum is associated with relevant RFC 5280 sections, providing detailed descriptions and context for each extension."]]],[]]
