File: PkiSignVerbatimRequest.md

package info (click to toggle)
gitlab 17.6.5-19
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 629,368 kB
  • sloc: ruby: 1,915,304; javascript: 557,307; sql: 60,639; xml: 6,509; sh: 4,567; makefile: 1,239; python: 406
file content (60 lines) | stat: -rw-r--r-- 5,622 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
 
# OpenbaoClient::PkiSignVerbatimRequest

## Properties

| Name | Type | Description | Notes |
| ---- | ---- | ----------- | ----- |
| **alt_names** | **String** | The requested Subject Alternative Names, if any, in a comma-delimited list. If email protection is enabled for the role, this may contain email addresses. | [optional] |
| **basic_constraints_valid_for_non_ca** | **Boolean** | Mark Basic Constraints valid when issuing non-CA certificates. | [optional][default to false] |
| **common_name** | **String** | The requested common name; if you want more than one, specify the alternative names in the alt_names map. If email protection is enabled in the role, this may be an email address. | [optional] |
| **csr** | **String** | PEM-format CSR to be signed. Values will be taken verbatim from the CSR, except for basic constraints. | [optional][default to ''] |
| **exclude_cn_from_sans** | **Boolean** | If true, the Common Name will not be included in DNS or Email Subject Alternate Names. Defaults to false (CN is included). | [optional][default to false] |
| **ext_key_usage** | **Array<String>** | A comma-separated string or list of extended key usages. Valid values can be found at https://golang.org/pkg/crypto/x509/#ExtKeyUsage -- simply drop the \"ExtKeyUsage\" part of the name. To remove all key usages from being set, set this value to an empty list. | [optional] |
| **ext_key_usage_oids** | **Array<String>** | A comma-separated string or list of extended key usage oids. | [optional] |
| **format** | **String** | Format for returned data. Can be \"pem\", \"der\", or \"pem_bundle\". If \"pem_bundle\", any private key and issuing cert will be appended to the certificate pem. If \"der\", the value will be base64 encoded. Defaults to \"pem\". | [optional][default to 'pem'] |
| **ip_sans** | **Array<String>** | The requested IP SANs, if any, in a comma-delimited list | [optional] |
| **issuer_ref** | **String** | Reference to a existing issuer; either \"default\" for the configured default issuer, an identifier or the name assigned to the issuer. | [optional][default to 'default'] |
| **key_usage** | **Array<String>** | A comma-separated string or list of key usages (not extended key usages). Valid values can be found at https://golang.org/pkg/crypto/x509/#KeyUsage -- simply drop the \"KeyUsage\" part of the name. To remove all key usages from being set, set this value to an empty list. | [optional] |
| **not_after** | **String** | Set the not after field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ | [optional] |
| **other_sans** | **Array<String>** | Requested other SANs, in an array with the format <oid>;UTF8:<utf8 string value> for each entry. | [optional] |
| **private_key_format** | **String** | Format for the returned private key. Generally the default will be controlled by the \"format\" parameter as either base64-encoded DER or PEM-encoded DER. However, this can be set to \"pkcs8\" to have the returned private key contain base64-encoded pkcs8 or PEM-encoded pkcs8 instead. Defaults to \"der\". | [optional][default to 'der'] |
| **remove_roots_from_chain** | **Boolean** | Whether or not to remove self-signed CA certificates in the output of the ca_chain field. | [optional][default to false] |
| **role** | **String** | The desired role with configuration for this request | [optional] |
| **serial_number** | **String** | The Subject's requested serial number, if any. See RFC 4519 Section 2.31 'serialNumber' for a description of this field. If you want more than one, specify alternative names in the alt_names map using OID 2.5.4.5. This has no impact on the final certificate's Serial Number field. | [optional] |
| **signature_bits** | **Integer** | The number of bits to use in the signature algorithm; accepts 256 for SHA-2-256, 384 for SHA-2-384, and 512 for SHA-2-512. Defaults to 0 to automatically detect based on key length (SHA-2-256 for RSA keys, and matching the curve size for NIST P-Curves). | [optional][default to 0] |
| **ttl** | **Integer** | The requested Time To Live for the certificate; sets the expiration date. If not specified the role default, backend default, or system default TTL is used, in that order. Cannot be larger than the role max TTL. | [optional] |
| **uri_sans** | **Array<String>** | The requested URI SANs, if any, in a comma-delimited list. | [optional] |
| **use_pss** | **Boolean** | Whether or not to use PSS signatures when using a RSA key-type issuer. Defaults to false. | [optional][default to false] |
| **user_ids** | **Array<String>** | The requested user_ids value to place in the subject, if any, in a comma-delimited list. Restricted by allowed_user_ids. Any values are added with OID 0.9.2342.19200300.100.1.1. | [optional] |

## Example

```ruby
require 'openbao_client'

instance = OpenbaoClient::PkiSignVerbatimRequest.new(
  alt_names: null,
  basic_constraints_valid_for_non_ca: null,
  common_name: null,
  csr: null,
  exclude_cn_from_sans: null,
  ext_key_usage: null,
  ext_key_usage_oids: null,
  format: null,
  ip_sans: null,
  issuer_ref: null,
  key_usage: null,
  not_after: null,
  other_sans: null,
  private_key_format: null,
  remove_roots_from_chain: null,
  role: null,
  serial_number: null,
  signature_bits: null,
  ttl: null,
  uri_sans: null,
  use_pss: null,
  user_ids: null
)
```