Package com.google.cloud.security.privateca.v1

Interface CaPool.IssuancePolicyOrBuilder

All Superinterfaces:

com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder

All Known Implementing Classes:

CaPool.IssuancePolicy, CaPool.IssuancePolicy.Builder

Enclosing class:

CaPool

public static interface CaPool.IssuancePolicyOrBuilder
extends com.google.protobuf.MessageOrBuilder

Method Summary

Modifier and Type	Method	Description
CaPool.IssuancePolicy.IssuanceModes	getAllowedIssuanceModes()	Optional.
CaPool.IssuancePolicy.IssuanceModesOrBuilder	getAllowedIssuanceModesOrBuilder()	Optional.
CaPool.IssuancePolicy.AllowedKeyType	getAllowedKeyTypes(int index)	Optional.
int	getAllowedKeyTypesCount()	Optional.
List<CaPool.IssuancePolicy.AllowedKeyType>	getAllowedKeyTypesList()	Optional.
CaPool.IssuancePolicy.AllowedKeyTypeOrBuilder	getAllowedKeyTypesOrBuilder(int index)	Optional.
List<? extends CaPool.IssuancePolicy.AllowedKeyTypeOrBuilder>	getAllowedKeyTypesOrBuilderList()	Optional.
X509Parameters	getBaselineValues()	Optional.
X509ParametersOrBuilder	getBaselineValuesOrBuilder()	Optional.
CertificateIdentityConstraints	getIdentityConstraints()	Optional.
CertificateIdentityConstraintsOrBuilder	getIdentityConstraintsOrBuilder()	Optional.
com.google.protobuf.Duration	getMaximumLifetime()	Optional.
com.google.protobuf.DurationOrBuilder	getMaximumLifetimeOrBuilder()	Optional.
CertificateExtensionConstraints	getPassthroughExtensions()	Optional.
CertificateExtensionConstraintsOrBuilder	getPassthroughExtensionsOrBuilder()	Optional.
boolean	hasAllowedIssuanceModes()	Optional.
boolean	hasBaselineValues()	Optional.
boolean	hasIdentityConstraints()	Optional.
boolean	hasMaximumLifetime()	Optional.
boolean	hasPassthroughExtensions()	Optional.

Methods inherited from interface com.google.protobuf.MessageLiteOrBuilder

isInitialized

Methods inherited from interface com.google.protobuf.MessageOrBuilder

findInitializationErrors, getAllFields, getDefaultInstanceForType, getDescriptorForType, getField, getInitializationErrorString, getOneofFieldDescriptor, getRepeatedField, getRepeatedFieldCount, getUnknownFields, hasField, hasOneof

Method Detail

getAllowedKeyTypesList

List<CaPool.IssuancePolicy.AllowedKeyType> getAllowedKeyTypesList()

 Optional. If any
 [AllowedKeyType][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType]
 is specified, then the certificate request's public key must match one of
 the key types listed here. Otherwise, any key may be used.
 

repeated .google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType allowed_key_types = 1 [(.google.api.field_behavior) = OPTIONAL];

getAllowedKeyTypes

CaPool.IssuancePolicy.AllowedKeyType getAllowedKeyTypes(int index)

 Optional. If any
 [AllowedKeyType][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType]
 is specified, then the certificate request's public key must match one of
 the key types listed here. Otherwise, any key may be used.
 

repeated .google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType allowed_key_types = 1 [(.google.api.field_behavior) = OPTIONAL];

getAllowedKeyTypesCount

int getAllowedKeyTypesCount()

 Optional. If any
 [AllowedKeyType][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType]
 is specified, then the certificate request's public key must match one of
 the key types listed here. Otherwise, any key may be used.
 

repeated .google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType allowed_key_types = 1 [(.google.api.field_behavior) = OPTIONAL];

getAllowedKeyTypesOrBuilderList

List<? extends CaPool.IssuancePolicy.AllowedKeyTypeOrBuilder> getAllowedKeyTypesOrBuilderList()

 Optional. If any
 [AllowedKeyType][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType]
 is specified, then the certificate request's public key must match one of
 the key types listed here. Otherwise, any key may be used.
 

repeated .google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType allowed_key_types = 1 [(.google.api.field_behavior) = OPTIONAL];

getAllowedKeyTypesOrBuilder

CaPool.IssuancePolicy.AllowedKeyTypeOrBuilder getAllowedKeyTypesOrBuilder(int index)

 Optional. If any
 [AllowedKeyType][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType]
 is specified, then the certificate request's public key must match one of
 the key types listed here. Otherwise, any key may be used.
 

repeated .google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType allowed_key_types = 1 [(.google.api.field_behavior) = OPTIONAL];

hasMaximumLifetime

boolean hasMaximumLifetime()

 Optional. The maximum lifetime allowed for issued
 [Certificates][google.cloud.security.privateca.v1.Certificate]. Note that
 if the issuing
 [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
 expires before a
 [Certificate][google.cloud.security.privateca.v1.Certificate]'s requested
 maximum_lifetime, the effective lifetime will be explicitly truncated to
 match it.
 

.google.protobuf.Duration maximum_lifetime = 2 [(.google.api.field_behavior) = OPTIONAL];

Returns:

Whether the maximumLifetime field is set.

getMaximumLifetime

com.google.protobuf.Duration getMaximumLifetime()

 Optional. The maximum lifetime allowed for issued
 [Certificates][google.cloud.security.privateca.v1.Certificate]. Note that
 if the issuing
 [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
 expires before a
 [Certificate][google.cloud.security.privateca.v1.Certificate]'s requested
 maximum_lifetime, the effective lifetime will be explicitly truncated to
 match it.
 

.google.protobuf.Duration maximum_lifetime = 2 [(.google.api.field_behavior) = OPTIONAL];

Returns:

The maximumLifetime.

getMaximumLifetimeOrBuilder

com.google.protobuf.DurationOrBuilder getMaximumLifetimeOrBuilder()

 Optional. The maximum lifetime allowed for issued
 [Certificates][google.cloud.security.privateca.v1.Certificate]. Note that
 if the issuing
 [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
 expires before a
 [Certificate][google.cloud.security.privateca.v1.Certificate]'s requested
 maximum_lifetime, the effective lifetime will be explicitly truncated to
 match it.
 

.google.protobuf.Duration maximum_lifetime = 2 [(.google.api.field_behavior) = OPTIONAL];

hasAllowedIssuanceModes

boolean hasAllowedIssuanceModes()

 Optional. If specified, then only methods allowed in the
 [IssuanceModes][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.IssuanceModes]
 may be used to issue
 [Certificates][google.cloud.security.privateca.v1.Certificate].
 

.google.cloud.security.privateca.v1.CaPool.IssuancePolicy.IssuanceModes allowed_issuance_modes = 3 [(.google.api.field_behavior) = OPTIONAL];

Returns:

Whether the allowedIssuanceModes field is set.

getAllowedIssuanceModes

CaPool.IssuancePolicy.IssuanceModes getAllowedIssuanceModes()

 Optional. If specified, then only methods allowed in the
 [IssuanceModes][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.IssuanceModes]
 may be used to issue
 [Certificates][google.cloud.security.privateca.v1.Certificate].
 

.google.cloud.security.privateca.v1.CaPool.IssuancePolicy.IssuanceModes allowed_issuance_modes = 3 [(.google.api.field_behavior) = OPTIONAL];

Returns:

The allowedIssuanceModes.

getAllowedIssuanceModesOrBuilder

CaPool.IssuancePolicy.IssuanceModesOrBuilder getAllowedIssuanceModesOrBuilder()

 Optional. If specified, then only methods allowed in the
 [IssuanceModes][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.IssuanceModes]
 may be used to issue
 [Certificates][google.cloud.security.privateca.v1.Certificate].
 

.google.cloud.security.privateca.v1.CaPool.IssuancePolicy.IssuanceModes allowed_issuance_modes = 3 [(.google.api.field_behavior) = OPTIONAL];

hasBaselineValues

boolean hasBaselineValues()

 Optional. A set of X.509 values that will be applied to all certificates
 issued through this [CaPool][google.cloud.security.privateca.v1.CaPool].
 If a certificate request includes conflicting values for the same
 properties, they will be overwritten by the values defined here. If a
 certificate request uses a
 [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate]
 that defines conflicting
 [predefined_values][google.cloud.security.privateca.v1.CertificateTemplate.predefined_values]
 for the same properties, the certificate issuance request will fail.
 

.google.cloud.security.privateca.v1.X509Parameters baseline_values = 4 [(.google.api.field_behavior) = OPTIONAL];

Returns:

Whether the baselineValues field is set.

getBaselineValues

X509Parameters getBaselineValues()

 Optional. A set of X.509 values that will be applied to all certificates
 issued through this [CaPool][google.cloud.security.privateca.v1.CaPool].
 If a certificate request includes conflicting values for the same
 properties, they will be overwritten by the values defined here. If a
 certificate request uses a
 [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate]
 that defines conflicting
 [predefined_values][google.cloud.security.privateca.v1.CertificateTemplate.predefined_values]
 for the same properties, the certificate issuance request will fail.
 

.google.cloud.security.privateca.v1.X509Parameters baseline_values = 4 [(.google.api.field_behavior) = OPTIONAL];

Returns:

The baselineValues.

getBaselineValuesOrBuilder

X509ParametersOrBuilder getBaselineValuesOrBuilder()

 Optional. A set of X.509 values that will be applied to all certificates
 issued through this [CaPool][google.cloud.security.privateca.v1.CaPool].
 If a certificate request includes conflicting values for the same
 properties, they will be overwritten by the values defined here. If a
 certificate request uses a
 [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate]
 that defines conflicting
 [predefined_values][google.cloud.security.privateca.v1.CertificateTemplate.predefined_values]
 for the same properties, the certificate issuance request will fail.
 

.google.cloud.security.privateca.v1.X509Parameters baseline_values = 4 [(.google.api.field_behavior) = OPTIONAL];

hasIdentityConstraints

boolean hasIdentityConstraints()

 Optional. Describes constraints on identities that may appear in
 [Certificates][google.cloud.security.privateca.v1.Certificate] issued
 through this [CaPool][google.cloud.security.privateca.v1.CaPool]. If this
 is omitted, then this [CaPool][google.cloud.security.privateca.v1.CaPool]
 will not add restrictions on a certificate's identity.
 

.google.cloud.security.privateca.v1.CertificateIdentityConstraints identity_constraints = 5 [(.google.api.field_behavior) = OPTIONAL];

Returns:

Whether the identityConstraints field is set.

getIdentityConstraints

CertificateIdentityConstraints getIdentityConstraints()

 Optional. Describes constraints on identities that may appear in
 [Certificates][google.cloud.security.privateca.v1.Certificate] issued
 through this [CaPool][google.cloud.security.privateca.v1.CaPool]. If this
 is omitted, then this [CaPool][google.cloud.security.privateca.v1.CaPool]
 will not add restrictions on a certificate's identity.
 

.google.cloud.security.privateca.v1.CertificateIdentityConstraints identity_constraints = 5 [(.google.api.field_behavior) = OPTIONAL];

Returns:

The identityConstraints.

getIdentityConstraintsOrBuilder

CertificateIdentityConstraintsOrBuilder getIdentityConstraintsOrBuilder()

 Optional. Describes constraints on identities that may appear in
 [Certificates][google.cloud.security.privateca.v1.Certificate] issued
 through this [CaPool][google.cloud.security.privateca.v1.CaPool]. If this
 is omitted, then this [CaPool][google.cloud.security.privateca.v1.CaPool]
 will not add restrictions on a certificate's identity.
 

.google.cloud.security.privateca.v1.CertificateIdentityConstraints identity_constraints = 5 [(.google.api.field_behavior) = OPTIONAL];

hasPassthroughExtensions

boolean hasPassthroughExtensions()

 Optional. Describes the set of X.509 extensions that may appear in a
 [Certificate][google.cloud.security.privateca.v1.Certificate] issued
 through this [CaPool][google.cloud.security.privateca.v1.CaPool]. If a
 certificate request sets extensions that don't appear in the
 [passthrough_extensions][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.passthrough_extensions],
 those extensions will be dropped. If a certificate request uses a
 [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate]
 with
 [predefined_values][google.cloud.security.privateca.v1.CertificateTemplate.predefined_values]
 that don't appear here, the certificate issuance request will fail. If
 this is omitted, then this
 [CaPool][google.cloud.security.privateca.v1.CaPool] will not add
 restrictions on a certificate's X.509 extensions. These constraints do
 not apply to X.509 extensions set in this
 [CaPool][google.cloud.security.privateca.v1.CaPool]'s
 [baseline_values][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.baseline_values].
 

.google.cloud.security.privateca.v1.CertificateExtensionConstraints passthrough_extensions = 6 [(.google.api.field_behavior) = OPTIONAL];

Returns:

Whether the passthroughExtensions field is set.

getPassthroughExtensions

CertificateExtensionConstraints getPassthroughExtensions()

 Optional. Describes the set of X.509 extensions that may appear in a
 [Certificate][google.cloud.security.privateca.v1.Certificate] issued
 through this [CaPool][google.cloud.security.privateca.v1.CaPool]. If a
 certificate request sets extensions that don't appear in the
 [passthrough_extensions][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.passthrough_extensions],
 those extensions will be dropped. If a certificate request uses a
 [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate]
 with
 [predefined_values][google.cloud.security.privateca.v1.CertificateTemplate.predefined_values]
 that don't appear here, the certificate issuance request will fail. If
 this is omitted, then this
 [CaPool][google.cloud.security.privateca.v1.CaPool] will not add
 restrictions on a certificate's X.509 extensions. These constraints do
 not apply to X.509 extensions set in this
 [CaPool][google.cloud.security.privateca.v1.CaPool]'s
 [baseline_values][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.baseline_values].
 

.google.cloud.security.privateca.v1.CertificateExtensionConstraints passthrough_extensions = 6 [(.google.api.field_behavior) = OPTIONAL];

Returns:

The passthroughExtensions.

getPassthroughExtensionsOrBuilder

CertificateExtensionConstraintsOrBuilder getPassthroughExtensionsOrBuilder()

 Optional. Describes the set of X.509 extensions that may appear in a
 [Certificate][google.cloud.security.privateca.v1.Certificate] issued
 through this [CaPool][google.cloud.security.privateca.v1.CaPool]. If a
 certificate request sets extensions that don't appear in the
 [passthrough_extensions][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.passthrough_extensions],
 those extensions will be dropped. If a certificate request uses a
 [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate]
 with
 [predefined_values][google.cloud.security.privateca.v1.CertificateTemplate.predefined_values]
 that don't appear here, the certificate issuance request will fail. If
 this is omitted, then this
 [CaPool][google.cloud.security.privateca.v1.CaPool] will not add
 restrictions on a certificate's X.509 extensions. These constraints do
 not apply to X.509 extensions set in this
 [CaPool][google.cloud.security.privateca.v1.CaPool]'s
 [baseline_values][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.baseline_values].
 

.google.cloud.security.privateca.v1.CertificateExtensionConstraints passthrough_extensions = 6 [(.google.api.field_behavior) = OPTIONAL];