File: PkiIssuersGenerateIntermediateRequest.md

package info (click to toggle)
gitlab 17.6.5-19
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 629,368 kB
  • sloc: ruby: 1,915,304; javascript: 557,307; sql: 60,639; xml: 6,509; sh: 4,567; makefile: 1,239; python: 406
file content (66 lines) | stat: -rw-r--r-- 5,811 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
 
# OpenbaoClient::PkiIssuersGenerateIntermediateRequest

## Properties

| Name | Type | Description | Notes |
| ---- | ---- | ----------- | ----- |
| **add_basic_constraints** | **Boolean** | Whether to add a Basic Constraints extension with CA: true. Only needed as a workaround in some compatibility scenarios with Active Directory Certificate Services. | [optional] |
| **alt_names** | **String** | The requested Subject Alternative Names, if any, in a comma-delimited list. May contain both DNS names and email addresses. | [optional] |
| **common_name** | **String** | The requested common name; if you want more than one, specify the alternative names in the alt_names map. If not specified when signing, the common name will be taken from the CSR; other names must still be specified in alt_names or ip_sans. | [optional] |
| **country** | **Array<String>** | If set, Country will be set to this value. | [optional] |
| **exclude_cn_from_sans** | **Boolean** | If true, the Common Name will not be included in DNS or Email Subject Alternate Names. Defaults to false (CN is included). | [optional][default to false] |
| **format** | **String** | Format for returned data. Can be \"pem\", \"der\", or \"pem_bundle\". If \"pem_bundle\", any private key and issuing cert will be appended to the certificate pem. If \"der\", the value will be base64 encoded. Defaults to \"pem\". | [optional][default to 'pem'] |
| **ip_sans** | **Array<String>** | The requested IP SANs, if any, in a comma-delimited list | [optional] |
| **key_bits** | **Integer** | The number of bits to use. Allowed values are 0 (universal default); with rsa key_type: 2048 (default), 3072, or 4096; with ec key_type: 224, 256 (default), 384, or 521; ignored with ed25519. | [optional][default to 0] |
| **key_name** | **String** | Provide a name to the generated or existing key, the name must be unique across all keys and not be the reserved value 'default' | [optional] |
| **key_ref** | **String** | Reference to a existing key; either \"default\" for the configured default key, an identifier or the name assigned to the key. | [optional][default to 'default'] |
| **key_type** | **String** | The type of key to use; defaults to RSA. \"rsa\" \"ec\" and \"ed25519\" are the only valid values. | [optional][default to 'rsa'] |
| **locality** | **Array<String>** | If set, Locality will be set to this value. | [optional] |
| **not_after** | **String** | Set the not after field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ | [optional] |
| **not_before_duration** | **Integer** | The duration before now which the certificate needs to be backdated by. | [optional][default to 30] |
| **organization** | **Array<String>** | If set, O (Organization) will be set to this value. | [optional] |
| **other_sans** | **Array<String>** | Requested other SANs, in an array with the format <oid>;UTF8:<utf8 string value> for each entry. | [optional] |
| **ou** | **Array<String>** | If set, OU (OrganizationalUnit) will be set to this value. | [optional] |
| **postal_code** | **Array<String>** | If set, Postal Code will be set to this value. | [optional] |
| **private_key_format** | **String** | Format for the returned private key. Generally the default will be controlled by the \"format\" parameter as either base64-encoded DER or PEM-encoded DER. However, this can be set to \"pkcs8\" to have the returned private key contain base64-encoded pkcs8 or PEM-encoded pkcs8 instead. Defaults to \"der\". | [optional][default to 'der'] |
| **province** | **Array<String>** | If set, Province will be set to this value. | [optional] |
| **serial_number** | **String** | The Subject's requested serial number, if any. See RFC 4519 Section 2.31 'serialNumber' for a description of this field. If you want more than one, specify alternative names in the alt_names map using OID 2.5.4.5. This has no impact on the final certificate's Serial Number field. | [optional] |
| **signature_bits** | **Integer** | The number of bits to use in the signature algorithm; accepts 256 for SHA-2-256, 384 for SHA-2-384, and 512 for SHA-2-512. Defaults to 0 to automatically detect based on key length (SHA-2-256 for RSA keys, and matching the curve size for NIST P-Curves). | [optional][default to 0] |
| **street_address** | **Array<String>** | If set, Street Address will be set to this value. | [optional] |
| **ttl** | **Integer** | The requested Time To Live for the certificate; sets the expiration date. If not specified the role default, backend default, or system default TTL is used, in that order. Cannot be larger than the mount max TTL. Note: this only has an effect when generating a CA cert or signing a CA cert, not when generating a CSR for an intermediate CA. | [optional] |
| **uri_sans** | **Array<String>** | The requested URI SANs, if any, in a comma-delimited list. | [optional] |

## Example

```ruby
require 'openbao_client'

instance = OpenbaoClient::PkiIssuersGenerateIntermediateRequest.new(
  add_basic_constraints: null,
  alt_names: null,
  common_name: null,
  country: null,
  exclude_cn_from_sans: null,
  format: null,
  ip_sans: null,
  key_bits: null,
  key_name: null,
  key_ref: null,
  key_type: null,
  locality: null,
  not_after: null,
  not_before_duration: null,
  organization: null,
  other_sans: null,
  ou: null,
  postal_code: null,
  private_key_format: null,
  province: null,
  serial_number: null,
  signature_bits: null,
  street_address: null,
  ttl: null,
  uri_sans: null
)
```