/* * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. * A copy of the License is located at * * http://aws.amazon.com/apache2.0 * * or in the "license" file accompanying this file. This file is distributed * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either * express or implied. See the License for the specific language governing * permissions and limitations under the License. */ /* * Do not modify this file. This file is generated from the acm-pca-2017-08-22.normal.json service model. */ using System; using System.Collections.Generic; using System.Xml.Serialization; using System.Text; using System.IO; using System.Net; using Amazon.Runtime; using Amazon.Runtime.Internal; namespace Amazon.ACMPCA.Model { ///

/// Container for the parameters to the IssueCertificate operation. /// Uses your private certificate authority (CA), or one that has been shared with you, /// to issue a client certificate. This action returns the Amazon Resource Name (ARN) /// of the certificate. You can retrieve the certificate by calling the GetCertificate /// action and specifying the ARN. /// /// /// /// You cannot use the ACM ListCertificateAuthorities action to retrieve the ARNs /// of the certificates that you issue by using Amazon Web Services Private CA. /// /// ///

public partial class IssueCertificateRequest : AmazonACMPCARequest { private ApiPassthrough _apiPassthrough; private string _certificateAuthorityArn; private MemoryStream _csr; private string _idempotencyToken; private SigningAlgorithm _signingAlgorithm; private string _templateArn; private Validity _validity; private Validity _validityNotBefore; ///

/// Gets and sets the property ApiPassthrough. /// /// Specifies X.509 certificate information to be included in the issued certificate. /// An APIPassthrough or APICSRPassthrough template variant /// must be selected, or else this parameter is ignored. For more information about using /// these templates, see Understanding /// Certificate Templates. /// /// /// /// If conflicting or duplicate certificate information is supplied during certificate /// issuance, Amazon Web Services Private CA applies order /// of operation rules to determine what information is used. /// ///

public ApiPassthrough ApiPassthrough { get { return this._apiPassthrough; } set { this._apiPassthrough = value; } } // Check to see if ApiPassthrough property is set internal bool IsSetApiPassthrough() { return this._apiPassthrough != null; } ///

/// Gets and sets the property CertificateAuthorityArn. /// /// The Amazon Resource Name (ARN) that was returned when you called CreateCertificateAuthority. /// This must be of the form: /// /// /// ///

arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
        ///

/// ///

[AWSProperty(Required=true, Min=5, Max=200)] public string CertificateAuthorityArn { get { return this._certificateAuthorityArn; } set { this._certificateAuthorityArn = value; } } // Check to see if CertificateAuthorityArn property is set internal bool IsSetCertificateAuthorityArn() { return this._certificateAuthorityArn != null; } ///

/// Gets and sets the property Csr. /// /// The certificate signing request (CSR) for the certificate you want to issue. As an /// example, you can use the following OpenSSL command to create the CSR and a 2048 bit /// RSA private key. /// /// /// ///

openssl req -new -newkey rsa:2048 -days 365 -keyout private/test_cert_priv_key.pem
        /// -out csr/test_cert_.csr

/// /// /// /// If you have a configuration file, you can then use the following OpenSSL command. /// The usr_cert block in the configuration file contains your X509 version /// 3 extensions. /// /// /// ///

openssl req -new -config openssl_rsa.cnf -extensions usr_cert -newkey rsa:2048
        /// -days 365 -keyout private/test_cert_priv_key.pem -out csr/test_cert_.csr

/// /// /// /// Note: A CSR must provide either a subject name or a subject alternative /// name or the request will be rejected. /// ///

[AWSProperty(Required=true, Min=1, Max=32768)] public MemoryStream Csr { get { return this._csr; } set { this._csr = value; } } // Check to see if Csr property is set internal bool IsSetCsr() { return this._csr != null; } ///

/// Gets and sets the property IdempotencyToken. /// /// Alphanumeric string that can be used to distinguish between calls to the IssueCertificate /// action. Idempotency tokens for IssueCertificate time out after one minute. /// Therefore, if you call IssueCertificate multiple times with the same idempotency /// token within one minute, Amazon Web Services Private CA recognizes that you are requesting /// only one certificate and will issue only one. If you change the idempotency token /// for each call, Amazon Web Services Private CA recognizes that you are requesting multiple /// certificates. /// ///

[AWSProperty(Min=1, Max=36)] public string IdempotencyToken { get { return this._idempotencyToken; } set { this._idempotencyToken = value; } } // Check to see if IdempotencyToken property is set internal bool IsSetIdempotencyToken() { return this._idempotencyToken != null; } ///

/// Gets and sets the property SigningAlgorithm. /// /// The name of the algorithm that will be used to sign the certificate to be issued. /// /// /// /// /// This parameter should not be confused with the SigningAlgorithm parameter /// used to sign a CSR in the CreateCertificateAuthority action. /// /// /// /// The specified signing algorithm family (RSA or ECDSA) must match the algorithm family /// of the CA's secret key. /// /// ///

[AWSProperty(Required=true)] public SigningAlgorithm SigningAlgorithm { get { return this._signingAlgorithm; } set { this._signingAlgorithm = value; } } // Check to see if SigningAlgorithm property is set internal bool IsSetSigningAlgorithm() { return this._signingAlgorithm != null; } ///

/// Gets and sets the property TemplateArn. /// /// Specifies a custom configuration template to use when issuing a certificate. If this /// parameter is not provided, Amazon Web Services Private CA defaults to the EndEntityCertificate/V1 /// template. For CA certificates, you should choose the shortest path length that meets /// your needs. The path length is indicated by the PathLenN portion of the ARN, /// where N is the CA /// depth. /// /// /// /// Note: The CA depth configured on a subordinate CA certificate must not exceed the /// limit set by its parents in the CA hierarchy. /// /// /// /// For a list of TemplateArn values supported by Amazon Web Services Private /// CA, see Understanding /// Certificate Templates. /// ///

[AWSProperty(Min=5, Max=200)] public string TemplateArn { get { return this._templateArn; } set { this._templateArn = value; } } // Check to see if TemplateArn property is set internal bool IsSetTemplateArn() { return this._templateArn != null; } ///

/// Gets and sets the property Validity. /// /// Information describing the end of the validity period of the certificate. This parameter /// sets the “Not After” date for the certificate. /// /// /// /// Certificate validity is the period of time during which a certificate is valid. Validity /// can be expressed as an explicit date and time when the certificate expires, or as /// a span of time after issuance, stated in days, months, or years. For more information, /// see Validity /// in RFC 5280. /// /// /// /// This value is unaffected when ValidityNotBefore is also specified. For /// example, if Validity is set to 20 days in the future, the certificate /// will expire 20 days from issuance time regardless of the ValidityNotBefore /// value. /// /// /// /// The end of the validity period configured on a certificate must not exceed the limit /// set on its parents in the CA hierarchy. /// ///

[AWSProperty(Required=true)] public Validity Validity { get { return this._validity; } set { this._validity = value; } } // Check to see if Validity property is set internal bool IsSetValidity() { return this._validity != null; } ///

/// Gets and sets the property ValidityNotBefore. /// /// Information describing the start of the validity period of the certificate. This parameter /// sets the “Not Before" date for the certificate. /// /// /// /// By default, when issuing a certificate, Amazon Web Services Private CA sets the "Not /// Before" date to the issuance time minus 60 minutes. This compensates for clock inconsistencies /// across computer systems. The ValidityNotBefore parameter can be used /// to customize the “Not Before” value. /// /// /// /// Unlike the Validity parameter, the ValidityNotBefore parameter /// is optional. /// /// /// /// The ValidityNotBefore value is expressed as an explicit date and time, /// using the Validity type value ABSOLUTE. For more information, /// see Validity /// in this API reference and Validity /// in RFC 5280. /// ///

public Validity ValidityNotBefore { get { return this._validityNotBefore; } set { this._validityNotBefore = value; } } // Check to see if ValidityNotBefore property is set internal bool IsSetValidityNotBefore() { return this._validityNotBefore != null; } } }