Class: Google::Cloud::Security::PrivateCA::V1::CertificateExtensionConstraints

Inherits:

Object

Object
Google::Cloud::Security::PrivateCA::V1::CertificateExtensionConstraints

show all

Extended by:: Protobuf::MessageExts::ClassMethods

Includes:: Protobuf::MessageExts

Defined in:: proto_docs/google/cloud/security/privateca/v1/resources.rb

Overview

Describes a set of X.509 extensions that may be part of some certificate issuance controls.

Defined Under Namespace

Modules: KnownCertificateExtension

Instance Attribute Summary collapse

#additional_extensions ⇒ ::Array<::Google::Cloud::Security::PrivateCA::V1::ObjectId>
Optional.
#known_extensions ⇒ ::Array<::Google::Cloud::Security::PrivateCA::V1::CertificateExtensionConstraints::KnownCertificateExtension>
Optional.

Instance Attribute Details

#additional_extensions ⇒ `::Array<::Google::Cloud::Security::PrivateCA::V1::ObjectId>`

Returns Optional. A set of ObjectIds identifying custom X.509 extensions. Will be combined with known_extensions to determine the full set of X.509 extensions.

Returns:

(::Array<::Google::Cloud::Security::PrivateCA::V1::ObjectId>) —
Optional. A set of ObjectIds identifying custom X.509 extensions. Will be combined with known_extensions to determine the full set of X.509 extensions.

# File 'proto_docs/google/cloud/security/privateca/v1/resources.rb', line 1543

class CertificateExtensionConstraints
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Describes well-known X.509 extensions that can appear in a
  # {::Google::Cloud::Security::PrivateCA::V1::Certificate Certificate}, not
  # including the
  # {::Google::Cloud::Security::PrivateCA::V1::SubjectAltNames SubjectAltNames}
  # extension.
  module KnownCertificateExtension
    # Not specified.
    KNOWN_CERTIFICATE_EXTENSION_UNSPECIFIED = 0

    # Refers to a certificate's Key Usage extension, as described in [RFC 5280
    # section 4.2.1.3](https://tools.ietf.org/html/rfc5280#section-4.2.1.3).
    # This corresponds to the
    # {::Google::Cloud::Security::PrivateCA::V1::KeyUsage#base_key_usage KeyUsage.base_key_usage}
    # field.
    BASE_KEY_USAGE = 1

    # Refers to a certificate's Extended Key Usage extension, as described in
    # [RFC 5280
    # section 4.2.1.12](https://tools.ietf.org/html/rfc5280#section-4.2.1.12).
    # This corresponds to the
    # {::Google::Cloud::Security::PrivateCA::V1::KeyUsage#extended_key_usage KeyUsage.extended_key_usage}
    # message.
    EXTENDED_KEY_USAGE = 2

    # Refers to a certificate's Basic Constraints extension, as described in
    # [RFC 5280
    # section 4.2.1.9](https://tools.ietf.org/html/rfc5280#section-4.2.1.9).
    # This corresponds to the
    # {::Google::Cloud::Security::PrivateCA::V1::X509Parameters#ca_options X509Parameters.ca_options}
    # field.
    CA_OPTIONS = 3

    # Refers to a certificate's Policy object identifiers, as described in
    # [RFC 5280
    # section 4.2.1.4](https://tools.ietf.org/html/rfc5280#section-4.2.1.4).
    # This corresponds to the
    # {::Google::Cloud::Security::PrivateCA::V1::X509Parameters#policy_ids X509Parameters.policy_ids}
    # field.
    POLICY_IDS = 4

    # Refers to OCSP servers in a certificate's Authority Information Access
    # extension, as described in
    # [RFC 5280
    # section 4.2.2.1](https://tools.ietf.org/html/rfc5280#section-4.2.2.1),
    # This corresponds to the
    # {::Google::Cloud::Security::PrivateCA::V1::X509Parameters#aia_ocsp_servers X509Parameters.aia_ocsp_servers}
    # field.
    AIA_OCSP_SERVERS = 5

    # Refers to Name Constraints extension as described in
    # [RFC 5280
    # section 4.2.1.10](https://tools.ietf.org/html/rfc5280#section-4.2.1.10)
    NAME_CONSTRAINTS = 6
  end
end

#known_extensions ⇒ `::Array<::Google::Cloud::Security::PrivateCA::V1::CertificateExtensionConstraints::KnownCertificateExtension>`

Returns Optional. A set of named X.509 extensions. Will be combined with additional_extensions to determine the full set of X.509 extensions.