Namespace Oci.CertificatesmanagementService.Models
Classes
Association
The details of the association.
AssociationCollection
The results of an association search.
AssociationSummary
The details of the association.
CaBundle
CA bundle metadata. This object does not contain the CA bundle certificates.
CaBundleCollection
The results of a CA bundle search. This object contains CA bundle summary objects.
CaBundleSummary
CA bundle metadata. This summary object does not contain the CA bundle certificates.
Certificate
The details of the certificate. This object does not contain the certificate contents.
CertificateAuthority
The metadata details of the certificate authority (CA). This object does not contain the CA contents.
CertificateAuthorityCollection
The results of a certificate authority (CA) search. This object contains CA summary objects and other data.
CertificateAuthorityIssuanceExpiryRule
A rule that enforces how long certificates or certificate authorities (CAs) issued by this particular CA are valid.
You must include either or both leafCertificateMaxValidityDuration and certificateAuthorityMaxValidityDuration.
CertificateAuthorityIssuanceRule
Issuance rules apply constraints to a certificate authority (CA) to enforce certain conditions regarding the resources it issues. For example, a path length constraint restricts how many subordinate CAs a CA can have. Or, a name constraint on certificate subject names specifies allowable namespaces for the hierarchical name forms in certificates that any CA in the certificate chain issues. You can't update the issuance rules configured for a CA after you create it.
CertificateAuthorityRule
A rule that you can apply to a certificate authority (CA) to enforce certain conditions on its usage and management.
CertificateAuthorityRuleModelConverter
CertificateAuthoritySummary
The metadata details of the certificate authority (CA). This summary object does not contain the CA contents.
CertificateAuthorityVersion
The metadata details of the certificate authority (CA) version. This object does not contain the CA contents.
CertificateAuthorityVersionCollection
The results of a certificate authority (CA) version search. This object contains CA version summary objects and other data.
CertificateAuthorityVersionSummary
The metadata details of the certificate authority (CA) version. This summary object does not contain the CA contents.
CertificateCollection
The results of a certificate search. This object contains certificate summary objects and other data.
CertificateRenewalRule
A rule that imposes constraints on certificate renewal.
CertificateRevocationListDetails
The details of the certificate revocation list (CRL).
CertificateRule
A rule that you can apply to a certificate to enforce certain conditions on the certificate's usage and management.
CertificateRuleModelConverter
CertificateSubject
The subject of the certificate, which is a distinguished name that identifies the entity that owns the public key in the certificate.
CertificateSubjectAlternativeName
A subject alternative name for the certificate that binds additional or alternate names to the subject of the certificate. In the certificate, the alternate subject name format is "type:name".
CertificateSummary
The details of the certificate. This object does not contain the certificate contents.
CertificateVersion
The details of the certificate version. This object does not contain the certificate contents.
CertificateVersionCollection
The results of a certificate version search. This object contains certificate version summary objects and other data.
CertificateVersionSummary
The details of the certificate version. This object does not contain the certificate contents.
ChangeCaBundleCompartmentDetails
The details of the request to change compartments for the CA bundle.
ChangeCertificateAuthorityCompartmentDetails
The details of the request to change compartments for the certificate authority (CA).
ChangeCertificateCompartmentDetails
The details of the request to change compartments for the certificate.
CreateCaBundleDetails
The details of the CA bundle that you want to create.
CreateCertificateAuthorityConfigDetails
The configuration details for creating a certificate authority (CA).
CreateCertificateAuthorityConfigDetailsModelConverter
CreateCertificateAuthorityDetails
The details for creating a certificate authority (CA).
CreateCertificateByImportingConfigDetails
The details of the configuration for creating a certificate based on the keys from an imported certificate.
CreateCertificateConfigDetails
The details of the contents of the certificate and certificate metadata.
CreateCertificateConfigDetailsModelConverter
CreateCertificateDetails
The details of the certificate to create.
CreateCertificateIssuedByInternalCaConfigDetails
The details of the configuration for creating an internally managed certificate which is issued by a private certificate authority (CA).
CreateCertificateManagedExternallyIssuedByInternalCaConfigDetails
The details of the configuration for creating an externally managed certificate which is issued by a private certificate authority (CA).
CreateRootCaByGeneratingInternallyConfigDetails
The details for creating a private root certificate authority (CA).
CreateRootCaManagedExternallyConfigDetails
The configuration details for creating an externally managed private root certificate authority (CA) issued by an external CA.
CreateSubordinateCaIssuedByInternalCaConfigDetails
The details for creating a private subordinate certificate authority (CA) which is issued by a private CA.
CreateSubordinateCaManagedInternallyIssuedByExternalCaConfigDetails
The configuration details for creating an internally managed subordinate certificate authority (CA) which is issued by an external private CA.
NameConstraint
A constraint that specifies permitted and excluded namespaces for the hierarchical name forms in certificates that any CA in the certificate chain issues. You can define name constraints on a directory name, DNS address, or IP address. If you have a name constraint, you must define at least one permitted namespace or one excluded namespace.
NameConstraintSubtreeNode
An object that imposes restrictions on specific name constraint types based on the name constraint value.
ObjectStorageBucketConfigDetails
The details of the Object Storage bucket configured to store the certificate revocation list (CRL).
RevocationStatus
The current revocation status of the entity.
RevokeCertificateAuthorityVersionDetails
The details of the request to revoke a certificate authority (CA) version.
RevokeCertificateVersionDetails
The details for revoking a certificate version.
ScheduleCertificateAuthorityDeletionDetails
The details of the request to schedule the deletion of the specified certificate authority (CA).
ScheduleCertificateAuthorityVersionDeletionDetails
The details of the request to schedule the deletion of the specified certificate authority (CA) version.
ScheduleCertificateDeletionDetails
The details for scheduling the deletion of the specified certificate.
ScheduleCertificateVersionDeletionDetails
The details for scheduling the deletion of the specified certificate version.
UpdateCaBundleDetails
The details of the CA bundle to update.
UpdateCertificateAuthorityActionDetails
The details of the type of certificate authority (CA) update request. Updates can be performed by updating certificate contents or by generating a certificate signing request (CSR).
UpdateCertificateAuthorityActionDetailsModelConverter
UpdateCertificateAuthorityCertificateDetails
The details of the request to update the certificate authority (CA) with a signed certificate for the latest CA version.
UpdateCertificateAuthorityConfigDetails
The configuration details for updating a certificate authority (CA).
UpdateCertificateAuthorityConfigDetailsModelConverter
UpdateCertificateAuthorityDetails
The details for updating a certificate authority (CA).
UpdateCertificateAuthorityGenerateCsrDetails
The details of the request to update the certificate authority (CA) to renew the CA by generating a latest CA version with a certificate signing request (CSR).
UpdateCertificateByImportingConfigDetails
The details of the configuration for updating a certificate based on the keys from an imported certificate.
UpdateCertificateConfigDetails
The details of the contents of the certificate and certificate metadata.
UpdateCertificateConfigDetailsModelConverter
UpdateCertificateDetails
The details of the certificate to update.
UpdateCertificateIssuedByInternalCaConfigDetails
The details for updating an internally managed certificate which is issued by a private certificate authority (CA).
UpdateCertificateManagedExternallyIssuedByInternalCaConfigDetails
The details for updating an externally managed certificate which is issued by a private certificate authority (CA).
UpdateRootCaByGeneratingInternallyConfigDetails
The details for updating a private root certificate authority (CA). Note: This operation automatically rotates the private key.
UpdateRootCaManagedExternallyConfigDetails
The configuration details for updating an externally managed private root certificate authority (CA) issued by an external CA.
UpdateSubordinateCaIssuedByInternalCaConfigDetails
The configuration details for updating a private subordinate certificate authority (CA) which is issued by a private, internal CA. Note: This operation automatically rotates the private key.
UpdateSubordinateCaManagedInternallyIssuedByExternalCaConfigDetails
The configuration details for updating an internally managed subordinate certificate authority (CA) which is issued by an external CA.
Validity
An object that describes a period of time during which an entity is valid. If this is not provided when you create a certificate, the validity of the issuing CA is used.
Enums
AssociationLifecycleState
The current lifecycle state of the association.
AssociationType
Type of the association.
CaBundleLifecycleState
The current lifecycle state of the CA bundle.
CertificateAuthorityConfigType
The manner in which the root or subordinate certificate authority (CA) is generated and managed. CA configuration types include the following:
- Root CA generated internally by the service (ROOT_CA_GENERATED_INTERNALLY). You provide the details required to generate a certificate, including the Oracle Cloud Infrastructure (OCI) Key Management service (KMS) hardware-protected, asymmetric encryption key. Using this information, the Certificates service creates the root CA certificate which is then signed by the OCI KMS private key.
- Subordinate CA issued by a CA that was generated internally by the service (SUBORDINATE_CA_ISSUED_BY_INTERNAL_CA). You provide the details required to generate a certificate, including the OCI KMS hardware-protected, asymmetric encryption key. Using this information, the Certificates service creates the subordinate CA certificate which is then signed by the OCI KMS private key you specified and the OCI KMS private key of the issuer CA.
- Root CA imported to the service (ROOT_CA_MANAGED_EXTERNALLY). You import the root CA certificate in PEM format without the certificate's private key. Private keys are managed externally by OCI KMS Dedicated KMS (DKMS), an on-premises key management solution, or a third-party cloud provider. This type of CA can't directly issue certificates or subordinate CAs. Instead, for any certificates or subordinate CAs you want to issue, the service generates a CSR that you must sign externally and then import.
- Subordinate CA issued by a CA that was generated externally, but where you manage keys in OCI (SUBORDINATE_CA_MANAGED_INTERNALLY_ISSUED_BY_EXTERNAL_CA). You import the key of the subordinate CA certificate to OCI KMS. You then provide the details required to generate a CSR that you must sign externally by using the private key of the external parent CA. During this time, the CA remains in a
PENDING_ACTIVATIONlifecycle state. To complete activation, import the signed certificate. This type of subordinate CA can issue certificates and subordinate CAs of its own.
CertificateAuthorityLifecycleState
The current lifecycle state of the certificate authority (CA).
CertificateAuthorityRule.RuleTypeEnum
CertificateConfigType
The manner in which the certificate was created. You can have a CA that was generated internally by the service issue a certificate. You can subsequently manage that certificate internally or externally. Alternatively, you can import a certificate that was issued by an external, third-party public or private CA, and then manage it internally.
CertificateLifecycleState
The current lifecycle state of the certificate.
CertificateProfileType
The name of the profile used to create the certificate, which depends on the type of certificate you need.
CertificateRule.RuleTypeEnum
CertificateSubjectAlternativeName.TypeEnum
KeyAlgorithm
The algorithm used to create key pairs.
NameConstraintType
The type of name constraint. A directory name constraint specifies restrictions on any subject fields. A DNS address name constraint or IP address name constraint specifies restrictions on the common name in the subject field and on the subject alternative name.
RevocationReason
The current reason for the certificate's revocation.
SignatureAlgorithm
The algorithm used to sign the public key certificate.
UpdateCertificateAuthorityActionType
The type of certificate authority (CA) update. An update can either update the certificate contents or generate a new certificate signing request (CSR).
UpdateCertificateAuthorityConfigDetails.StageEnum
UpdateCertificateConfigDetails.StageEnum
VersionStage
A list of possible rotation states for the certificate version. A certificate version marked CURRENT is currently in use. A certificate version marked PENDING is staged and available for use, but has not been applied on the target system and, therefore, has not been rotated
into current, active use. The certificate most recently uploaded to the service is always marked LATEST. (The first version of a certificate is always marked as both CURRENT and LATEST.) A certificate version marked PREVIOUS is the certificate version that was most recently marked CURRENT, before the last certificate version rotation.
A certificate version marked DEPRECATED is neither current, pending, nor the previous one in use. Only certificate versions marked DEPRECATED can be scheduled for deletion.
A certificate version marked PENDING_ACTIVATION is issued by an externally managed CA and stays in that rotation state until you successfully sign the certificate signing request (CSR) externally and then import the signed certificate to the Certificates service.