public static final class CaPool.IssuancePolicy extends GeneratedMessageV3 implements CaPool.IssuancePolicyOrBuilder
Defines controls over all certificate issuance within a CaPool.
Protobuf type google.cloud.security.privateca.v1.CaPool.IssuancePolicy
Static Fields
ALLOWED_ISSUANCE_MODES_FIELD_NUMBER
public static final int ALLOWED_ISSUANCE_MODES_FIELD_NUMBER
Field Value
ALLOWED_KEY_TYPES_FIELD_NUMBER
public static final int ALLOWED_KEY_TYPES_FIELD_NUMBER
Field Value
BASELINE_VALUES_FIELD_NUMBER
public static final int BASELINE_VALUES_FIELD_NUMBER
Field Value
IDENTITY_CONSTRAINTS_FIELD_NUMBER
public static final int IDENTITY_CONSTRAINTS_FIELD_NUMBER
Field Value
MAXIMUM_LIFETIME_FIELD_NUMBER
public static final int MAXIMUM_LIFETIME_FIELD_NUMBER
Field Value
PASSTHROUGH_EXTENSIONS_FIELD_NUMBER
public static final int PASSTHROUGH_EXTENSIONS_FIELD_NUMBER
Field Value
Static Methods
getDefaultInstance()
public static CaPool.IssuancePolicy getDefaultInstance()
Returns
getDescriptor()
public static final Descriptors.Descriptor getDescriptor()
Returns
newBuilder()
public static CaPool.IssuancePolicy.Builder newBuilder()
Returns
newBuilder(CaPool.IssuancePolicy prototype)
public static CaPool.IssuancePolicy.Builder newBuilder(CaPool.IssuancePolicy prototype)
Parameter
Returns
public static CaPool.IssuancePolicy parseDelimitedFrom(InputStream input)
Parameter
Returns
Exceptions
public static CaPool.IssuancePolicy parseDelimitedFrom(InputStream input, ExtensionRegistryLite extensionRegistry)
Parameters
Returns
Exceptions
parseFrom(byte[] data)
public static CaPool.IssuancePolicy parseFrom(byte[] data)
Parameter
Name | Description |
data | byte[]
|
Returns
Exceptions
parseFrom(byte[] data, ExtensionRegistryLite extensionRegistry)
public static CaPool.IssuancePolicy parseFrom(byte[] data, ExtensionRegistryLite extensionRegistry)
Parameters
Returns
Exceptions
parseFrom(ByteString data)
public static CaPool.IssuancePolicy parseFrom(ByteString data)
Parameter
Returns
Exceptions
parseFrom(ByteString data, ExtensionRegistryLite extensionRegistry)
public static CaPool.IssuancePolicy parseFrom(ByteString data, ExtensionRegistryLite extensionRegistry)
Parameters
Returns
Exceptions
public static CaPool.IssuancePolicy parseFrom(CodedInputStream input)
Parameter
Returns
Exceptions
public static CaPool.IssuancePolicy parseFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)
Parameters
Returns
Exceptions
public static CaPool.IssuancePolicy parseFrom(InputStream input)
Parameter
Returns
Exceptions
public static CaPool.IssuancePolicy parseFrom(InputStream input, ExtensionRegistryLite extensionRegistry)
Parameters
Returns
Exceptions
parseFrom(ByteBuffer data)
public static CaPool.IssuancePolicy parseFrom(ByteBuffer data)
Parameter
Returns
Exceptions
parseFrom(ByteBuffer data, ExtensionRegistryLite extensionRegistry)
public static CaPool.IssuancePolicy parseFrom(ByteBuffer data, ExtensionRegistryLite extensionRegistry)
Parameters
Returns
Exceptions
parser()
public static Parser<CaPool.IssuancePolicy> parser()
Returns
Methods
equals(Object obj)
public boolean equals(Object obj)
Parameter
Returns
Overrides
getAllowedIssuanceModes()
public CaPool.IssuancePolicy.IssuanceModes getAllowedIssuanceModes()
Optional. If specified, then only methods allowed in the IssuanceModes may be
used to issue Certificates.
.google.cloud.security.privateca.v1.CaPool.IssuancePolicy.IssuanceModes allowed_issuance_modes = 3 [(.google.api.field_behavior) = OPTIONAL];
Returns
getAllowedIssuanceModesOrBuilder()
public CaPool.IssuancePolicy.IssuanceModesOrBuilder getAllowedIssuanceModesOrBuilder()
Optional. If specified, then only methods allowed in the IssuanceModes may be
used to issue Certificates.
.google.cloud.security.privateca.v1.CaPool.IssuancePolicy.IssuanceModes allowed_issuance_modes = 3 [(.google.api.field_behavior) = OPTIONAL];
Returns
getAllowedKeyTypes(int index)
public CaPool.IssuancePolicy.AllowedKeyType getAllowedKeyTypes(int index)
Optional. If any AllowedKeyType is specified, then the certificate request's
public key must match one of the key types listed here. Otherwise,
any key may be used.
repeated .google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType allowed_key_types = 1 [(.google.api.field_behavior) = OPTIONAL];
Parameter
Returns
getAllowedKeyTypesCount()
public int getAllowedKeyTypesCount()
Optional. If any AllowedKeyType is specified, then the certificate request's
public key must match one of the key types listed here. Otherwise,
any key may be used.
repeated .google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType allowed_key_types = 1 [(.google.api.field_behavior) = OPTIONAL];
Returns
getAllowedKeyTypesList()
public List<CaPool.IssuancePolicy.AllowedKeyType> getAllowedKeyTypesList()
Optional. If any AllowedKeyType is specified, then the certificate request's
public key must match one of the key types listed here. Otherwise,
any key may be used.
repeated .google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType allowed_key_types = 1 [(.google.api.field_behavior) = OPTIONAL];
Returns
getAllowedKeyTypesOrBuilder(int index)
public CaPool.IssuancePolicy.AllowedKeyTypeOrBuilder getAllowedKeyTypesOrBuilder(int index)
Optional. If any AllowedKeyType is specified, then the certificate request's
public key must match one of the key types listed here. Otherwise,
any key may be used.
repeated .google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType allowed_key_types = 1 [(.google.api.field_behavior) = OPTIONAL];
Parameter
Returns
getAllowedKeyTypesOrBuilderList()
public List<? extends CaPool.IssuancePolicy.AllowedKeyTypeOrBuilder> getAllowedKeyTypesOrBuilderList()
Optional. If any AllowedKeyType is specified, then the certificate request's
public key must match one of the key types listed here. Otherwise,
any key may be used.
repeated .google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType allowed_key_types = 1 [(.google.api.field_behavior) = OPTIONAL];
Returns
Type | Description |
List<? extends com.google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyTypeOrBuilder> | |
getBaselineValues()
public X509Parameters getBaselineValues()
Optional. A set of X.509 values that will be applied to all certificates issued
through this CaPool. If a certificate request includes conflicting
values for the same properties, they will be overwritten by the values
defined here. If a certificate request uses a CertificateTemplate
that defines conflicting
predefined_values for the same
properties, the certificate issuance request will fail.
.google.cloud.security.privateca.v1.X509Parameters baseline_values = 4 [(.google.api.field_behavior) = OPTIONAL];
Returns
getBaselineValuesOrBuilder()
public X509ParametersOrBuilder getBaselineValuesOrBuilder()
Optional. A set of X.509 values that will be applied to all certificates issued
through this CaPool. If a certificate request includes conflicting
values for the same properties, they will be overwritten by the values
defined here. If a certificate request uses a CertificateTemplate
that defines conflicting
predefined_values for the same
properties, the certificate issuance request will fail.
.google.cloud.security.privateca.v1.X509Parameters baseline_values = 4 [(.google.api.field_behavior) = OPTIONAL];
Returns
getDefaultInstanceForType()
public CaPool.IssuancePolicy getDefaultInstanceForType()
Returns
getIdentityConstraints()
public CertificateIdentityConstraints getIdentityConstraints()
Optional. Describes constraints on identities that may appear in
Certificates issued through this CaPool.
If this is omitted, then this CaPool will not add restrictions on a
certificate's identity.
.google.cloud.security.privateca.v1.CertificateIdentityConstraints identity_constraints = 5 [(.google.api.field_behavior) = OPTIONAL];
Returns
getIdentityConstraintsOrBuilder()
public CertificateIdentityConstraintsOrBuilder getIdentityConstraintsOrBuilder()
Optional. Describes constraints on identities that may appear in
Certificates issued through this CaPool.
If this is omitted, then this CaPool will not add restrictions on a
certificate's identity.
.google.cloud.security.privateca.v1.CertificateIdentityConstraints identity_constraints = 5 [(.google.api.field_behavior) = OPTIONAL];
Returns
getMaximumLifetime()
public Duration getMaximumLifetime()
Optional. The maximum lifetime allowed for issued Certificates. Note
that if the issuing CertificateAuthority expires before a
Certificate's requested maximum_lifetime, the effective lifetime will
be explicitly truncated to match it.
.google.protobuf.Duration maximum_lifetime = 2 [(.google.api.field_behavior) = OPTIONAL];
Returns
Type | Description |
Duration | The maximumLifetime.
|
getMaximumLifetimeOrBuilder()
public DurationOrBuilder getMaximumLifetimeOrBuilder()
Optional. The maximum lifetime allowed for issued Certificates. Note
that if the issuing CertificateAuthority expires before a
Certificate's requested maximum_lifetime, the effective lifetime will
be explicitly truncated to match it.
.google.protobuf.Duration maximum_lifetime = 2 [(.google.api.field_behavior) = OPTIONAL];
Returns
getParserForType()
public Parser<CaPool.IssuancePolicy> getParserForType()
Returns
Overrides
getPassthroughExtensions()
public CertificateExtensionConstraints getPassthroughExtensions()
Optional. Describes the set of X.509 extensions that may appear in a
Certificate issued through this CaPool. If a certificate request
sets extensions that don't appear in the passthrough_extensions,
those extensions will be dropped. If a certificate request uses a
CertificateTemplate with
predefined_values that don't
appear here, the certificate issuance request will fail. If this is
omitted, then this CaPool will not add restrictions on a
certificate's X.509 extensions. These constraints do not apply to X.509
extensions set in this CaPool's baseline_values.
.google.cloud.security.privateca.v1.CertificateExtensionConstraints passthrough_extensions = 6 [(.google.api.field_behavior) = OPTIONAL];
Returns
getPassthroughExtensionsOrBuilder()
public CertificateExtensionConstraintsOrBuilder getPassthroughExtensionsOrBuilder()
Optional. Describes the set of X.509 extensions that may appear in a
Certificate issued through this CaPool. If a certificate request
sets extensions that don't appear in the passthrough_extensions,
those extensions will be dropped. If a certificate request uses a
CertificateTemplate with
predefined_values that don't
appear here, the certificate issuance request will fail. If this is
omitted, then this CaPool will not add restrictions on a
certificate's X.509 extensions. These constraints do not apply to X.509
extensions set in this CaPool's baseline_values.
.google.cloud.security.privateca.v1.CertificateExtensionConstraints passthrough_extensions = 6 [(.google.api.field_behavior) = OPTIONAL];
Returns
getSerializedSize()
public int getSerializedSize()
Returns
Overrides
getUnknownFields()
public final UnknownFieldSet getUnknownFields()
Returns
Overrides
hasAllowedIssuanceModes()
public boolean hasAllowedIssuanceModes()
Optional. If specified, then only methods allowed in the IssuanceModes may be
used to issue Certificates.
.google.cloud.security.privateca.v1.CaPool.IssuancePolicy.IssuanceModes allowed_issuance_modes = 3 [(.google.api.field_behavior) = OPTIONAL];
Returns
Type | Description |
boolean | Whether the allowedIssuanceModes field is set.
|
hasBaselineValues()
public boolean hasBaselineValues()
Optional. A set of X.509 values that will be applied to all certificates issued
through this CaPool. If a certificate request includes conflicting
values for the same properties, they will be overwritten by the values
defined here. If a certificate request uses a CertificateTemplate
that defines conflicting
predefined_values for the same
properties, the certificate issuance request will fail.
.google.cloud.security.privateca.v1.X509Parameters baseline_values = 4 [(.google.api.field_behavior) = OPTIONAL];
Returns
Type | Description |
boolean | Whether the baselineValues field is set.
|
hasIdentityConstraints()
public boolean hasIdentityConstraints()
Optional. Describes constraints on identities that may appear in
Certificates issued through this CaPool.
If this is omitted, then this CaPool will not add restrictions on a
certificate's identity.
.google.cloud.security.privateca.v1.CertificateIdentityConstraints identity_constraints = 5 [(.google.api.field_behavior) = OPTIONAL];
Returns
Type | Description |
boolean | Whether the identityConstraints field is set.
|
hasMaximumLifetime()
public boolean hasMaximumLifetime()
Optional. The maximum lifetime allowed for issued Certificates. Note
that if the issuing CertificateAuthority expires before a
Certificate's requested maximum_lifetime, the effective lifetime will
be explicitly truncated to match it.
.google.protobuf.Duration maximum_lifetime = 2 [(.google.api.field_behavior) = OPTIONAL];
Returns
Type | Description |
boolean | Whether the maximumLifetime field is set.
|
hasPassthroughExtensions()
public boolean hasPassthroughExtensions()
Optional. Describes the set of X.509 extensions that may appear in a
Certificate issued through this CaPool. If a certificate request
sets extensions that don't appear in the passthrough_extensions,
those extensions will be dropped. If a certificate request uses a
CertificateTemplate with
predefined_values that don't
appear here, the certificate issuance request will fail. If this is
omitted, then this CaPool will not add restrictions on a
certificate's X.509 extensions. These constraints do not apply to X.509
extensions set in this CaPool's baseline_values.
.google.cloud.security.privateca.v1.CertificateExtensionConstraints passthrough_extensions = 6 [(.google.api.field_behavior) = OPTIONAL];
Returns
Type | Description |
boolean | Whether the passthroughExtensions field is set.
|
hashCode()
Returns
Overrides
internalGetFieldAccessorTable()
protected GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
Returns
Overrides
isInitialized()
public final boolean isInitialized()
Returns
Overrides
newBuilderForType()
public CaPool.IssuancePolicy.Builder newBuilderForType()
Returns
newBuilderForType(GeneratedMessageV3.BuilderParent parent)
protected CaPool.IssuancePolicy.Builder newBuilderForType(GeneratedMessageV3.BuilderParent parent)
Parameter
Returns
Overrides
newInstance(GeneratedMessageV3.UnusedPrivateParameter unused)
protected Object newInstance(GeneratedMessageV3.UnusedPrivateParameter unused)
Parameter
Returns
Overrides
toBuilder()
public CaPool.IssuancePolicy.Builder toBuilder()
Returns
writeTo(CodedOutputStream output)
public void writeTo(CodedOutputStream output)
Parameter
Overrides
Exceptions