AWS SDK for C++  1.8.95
AWS SDK for C++
Public Member Functions | List of all members
Aws::ACMPCA::Model::CrlConfiguration Class Reference

#include <CrlConfiguration.h>

Public Member Functions

 CrlConfiguration ()
 
 CrlConfiguration (Aws::Utils::Json::JsonView jsonValue)
 
CrlConfigurationoperator= (Aws::Utils::Json::JsonView jsonValue)
 
Aws::Utils::Json::JsonValue Jsonize () const
 
bool GetEnabled () const
 
bool EnabledHasBeenSet () const
 
void SetEnabled (bool value)
 
CrlConfigurationWithEnabled (bool value)
 
int GetExpirationInDays () const
 
bool ExpirationInDaysHasBeenSet () const
 
void SetExpirationInDays (int value)
 
CrlConfigurationWithExpirationInDays (int value)
 
const Aws::StringGetCustomCname () const
 
bool CustomCnameHasBeenSet () const
 
void SetCustomCname (const Aws::String &value)
 
void SetCustomCname (Aws::String &&value)
 
void SetCustomCname (const char *value)
 
CrlConfigurationWithCustomCname (const Aws::String &value)
 
CrlConfigurationWithCustomCname (Aws::String &&value)
 
CrlConfigurationWithCustomCname (const char *value)
 
const Aws::StringGetS3BucketName () const
 
bool S3BucketNameHasBeenSet () const
 
void SetS3BucketName (const Aws::String &value)
 
void SetS3BucketName (Aws::String &&value)
 
void SetS3BucketName (const char *value)
 
CrlConfigurationWithS3BucketName (const Aws::String &value)
 
CrlConfigurationWithS3BucketName (Aws::String &&value)
 
CrlConfigurationWithS3BucketName (const char *value)
 

Detailed Description

Contains configuration information for a certificate revocation list (CRL). Your private certificate authority (CA) creates base CRLs. Delta CRLs are not supported. You can enable CRLs for your new or an existing private CA by setting the Enabled parameter to true. Your private CA writes CRLs to an S3 bucket that you specify in the S3BucketName parameter. You can hide the name of your bucket by specifying a value for the CustomCname parameter. Your private CA copies the CNAME or the S3 bucket name to the CRL Distribution Points extension of each certificate it issues. Your S3 bucket policy must give write permission to ACM Private CA.

ACM Private CAA assets that are stored in Amazon S3 can be protected with encryption. For more information, see Encrypting Your CRLs.

Your private CA uses the value in the ExpirationInDays parameter to calculate the nextUpdate field in the CRL. The CRL is refreshed at 1/2 the age of next update or when a certificate is revoked. When a certificate is revoked, it is recorded in the next CRL that is generated and in the next audit report. Only time valid certificates are listed in the CRL. Expired certificates are not included.

CRLs contain the following fields:

Certificate revocation lists created by ACM Private CA are DER-encoded. You can use the following OpenSSL command to list a CRL.

openssl crl -inform DER -text -in crl_path -noout

See Also:

AWS API Reference

Definition at line 72 of file CrlConfiguration.h.

Constructor & Destructor Documentation

◆ CrlConfiguration() [1/2]

Aws::ACMPCA::Model::CrlConfiguration::CrlConfiguration ( )

◆ CrlConfiguration() [2/2]

Aws::ACMPCA::Model::CrlConfiguration::CrlConfiguration ( Aws::Utils::Json::JsonView  jsonValue)

Member Function Documentation

◆ CustomCnameHasBeenSet()

bool Aws::ACMPCA::Model::CrlConfiguration::CustomCnameHasBeenSet ( ) const
inline

Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public.

Definition at line 159 of file CrlConfiguration.h.

◆ EnabledHasBeenSet()

bool Aws::ACMPCA::Model::CrlConfiguration::EnabledHasBeenSet ( ) const
inline

Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. You can use this value to enable certificate revocation for a new CA when you call the CreateCertificateAuthority action or for an existing CA when you call the UpdateCertificateAuthority action.

Definition at line 101 of file CrlConfiguration.h.

◆ ExpirationInDaysHasBeenSet()

bool Aws::ACMPCA::Model::CrlConfiguration::ExpirationInDaysHasBeenSet ( ) const
inline

Number of days until a certificate expires.

Definition at line 134 of file CrlConfiguration.h.

◆ GetCustomCname()

const Aws::String& Aws::ACMPCA::Model::CrlConfiguration::GetCustomCname ( ) const
inline

Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public.

Definition at line 152 of file CrlConfiguration.h.

◆ GetEnabled()

bool Aws::ACMPCA::Model::CrlConfiguration::GetEnabled ( ) const
inline

Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. You can use this value to enable certificate revocation for a new CA when you call the CreateCertificateAuthority action or for an existing CA when you call the UpdateCertificateAuthority action.

Definition at line 90 of file CrlConfiguration.h.

◆ GetExpirationInDays()

int Aws::ACMPCA::Model::CrlConfiguration::GetExpirationInDays ( ) const
inline

Number of days until a certificate expires.

Definition at line 129 of file CrlConfiguration.h.

◆ GetS3BucketName()

const Aws::String& Aws::ACMPCA::Model::CrlConfiguration::GetS3BucketName ( ) const
inline

Name of the S3 bucket that contains the CRL. If you do not provide a value for the CustomCname argument, the name of your S3 bucket is placed into the CRL Distribution Points extension of the issued certificate. You can change the name of your bucket by calling the UpdateCertificateAuthority action. You must specify a bucket policy that allows ACM Private CA to write the CRL to your bucket.

Definition at line 213 of file CrlConfiguration.h.

◆ Jsonize()

Aws::Utils::Json::JsonValue Aws::ACMPCA::Model::CrlConfiguration::Jsonize ( ) const

◆ operator=()

CrlConfiguration& Aws::ACMPCA::Model::CrlConfiguration::operator= ( Aws::Utils::Json::JsonView  jsonValue)

◆ S3BucketNameHasBeenSet()

bool Aws::ACMPCA::Model::CrlConfiguration::S3BucketNameHasBeenSet ( ) const
inline

Name of the S3 bucket that contains the CRL. If you do not provide a value for the CustomCname argument, the name of your S3 bucket is placed into the CRL Distribution Points extension of the issued certificate. You can change the name of your bucket by calling the UpdateCertificateAuthority action. You must specify a bucket policy that allows ACM Private CA to write the CRL to your bucket.

Definition at line 224 of file CrlConfiguration.h.

◆ SetCustomCname() [1/3]

void Aws::ACMPCA::Model::CrlConfiguration::SetCustomCname ( const Aws::String value)
inline

Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public.

Definition at line 166 of file CrlConfiguration.h.

◆ SetCustomCname() [2/3]

void Aws::ACMPCA::Model::CrlConfiguration::SetCustomCname ( Aws::String &&  value)
inline

Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public.

Definition at line 173 of file CrlConfiguration.h.

◆ SetCustomCname() [3/3]

void Aws::ACMPCA::Model::CrlConfiguration::SetCustomCname ( const char *  value)
inline

Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public.

Definition at line 180 of file CrlConfiguration.h.

◆ SetEnabled()

void Aws::ACMPCA::Model::CrlConfiguration::SetEnabled ( bool  value)
inline

Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. You can use this value to enable certificate revocation for a new CA when you call the CreateCertificateAuthority action or for an existing CA when you call the UpdateCertificateAuthority action.

Definition at line 112 of file CrlConfiguration.h.

◆ SetExpirationInDays()

void Aws::ACMPCA::Model::CrlConfiguration::SetExpirationInDays ( int  value)
inline

Number of days until a certificate expires.

Definition at line 139 of file CrlConfiguration.h.

◆ SetS3BucketName() [1/3]

void Aws::ACMPCA::Model::CrlConfiguration::SetS3BucketName ( const Aws::String value)
inline

Name of the S3 bucket that contains the CRL. If you do not provide a value for the CustomCname argument, the name of your S3 bucket is placed into the CRL Distribution Points extension of the issued certificate. You can change the name of your bucket by calling the UpdateCertificateAuthority action. You must specify a bucket policy that allows ACM Private CA to write the CRL to your bucket.

Definition at line 235 of file CrlConfiguration.h.

◆ SetS3BucketName() [2/3]

void Aws::ACMPCA::Model::CrlConfiguration::SetS3BucketName ( Aws::String &&  value)
inline

Name of the S3 bucket that contains the CRL. If you do not provide a value for the CustomCname argument, the name of your S3 bucket is placed into the CRL Distribution Points extension of the issued certificate. You can change the name of your bucket by calling the UpdateCertificateAuthority action. You must specify a bucket policy that allows ACM Private CA to write the CRL to your bucket.

Definition at line 246 of file CrlConfiguration.h.

◆ SetS3BucketName() [3/3]

void Aws::ACMPCA::Model::CrlConfiguration::SetS3BucketName ( const char *  value)
inline

Name of the S3 bucket that contains the CRL. If you do not provide a value for the CustomCname argument, the name of your S3 bucket is placed into the CRL Distribution Points extension of the issued certificate. You can change the name of your bucket by calling the UpdateCertificateAuthority action. You must specify a bucket policy that allows ACM Private CA to write the CRL to your bucket.

Definition at line 257 of file CrlConfiguration.h.

◆ WithCustomCname() [1/3]

CrlConfiguration& Aws::ACMPCA::Model::CrlConfiguration::WithCustomCname ( const Aws::String value)
inline

Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public.

Definition at line 187 of file CrlConfiguration.h.

◆ WithCustomCname() [2/3]

CrlConfiguration& Aws::ACMPCA::Model::CrlConfiguration::WithCustomCname ( Aws::String &&  value)
inline

Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public.

Definition at line 194 of file CrlConfiguration.h.

◆ WithCustomCname() [3/3]

CrlConfiguration& Aws::ACMPCA::Model::CrlConfiguration::WithCustomCname ( const char *  value)
inline

Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public.

Definition at line 201 of file CrlConfiguration.h.

◆ WithEnabled()

CrlConfiguration& Aws::ACMPCA::Model::CrlConfiguration::WithEnabled ( bool  value)
inline

Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. You can use this value to enable certificate revocation for a new CA when you call the CreateCertificateAuthority action or for an existing CA when you call the UpdateCertificateAuthority action.

Definition at line 123 of file CrlConfiguration.h.

◆ WithExpirationInDays()

CrlConfiguration& Aws::ACMPCA::Model::CrlConfiguration::WithExpirationInDays ( int  value)
inline

Number of days until a certificate expires.

Definition at line 144 of file CrlConfiguration.h.

◆ WithS3BucketName() [1/3]

CrlConfiguration& Aws::ACMPCA::Model::CrlConfiguration::WithS3BucketName ( const Aws::String value)
inline

Name of the S3 bucket that contains the CRL. If you do not provide a value for the CustomCname argument, the name of your S3 bucket is placed into the CRL Distribution Points extension of the issued certificate. You can change the name of your bucket by calling the UpdateCertificateAuthority action. You must specify a bucket policy that allows ACM Private CA to write the CRL to your bucket.

Definition at line 268 of file CrlConfiguration.h.

◆ WithS3BucketName() [2/3]

CrlConfiguration& Aws::ACMPCA::Model::CrlConfiguration::WithS3BucketName ( Aws::String &&  value)
inline

Name of the S3 bucket that contains the CRL. If you do not provide a value for the CustomCname argument, the name of your S3 bucket is placed into the CRL Distribution Points extension of the issued certificate. You can change the name of your bucket by calling the UpdateCertificateAuthority action. You must specify a bucket policy that allows ACM Private CA to write the CRL to your bucket.

Definition at line 279 of file CrlConfiguration.h.

◆ WithS3BucketName() [3/3]

CrlConfiguration& Aws::ACMPCA::Model::CrlConfiguration::WithS3BucketName ( const char *  value)
inline

Name of the S3 bucket that contains the CRL. If you do not provide a value for the CustomCname argument, the name of your S3 bucket is placed into the CRL Distribution Points extension of the issued certificate. You can change the name of your bucket by calling the UpdateCertificateAuthority action. You must specify a bucket policy that allows ACM Private CA to write the CRL to your bucket.

Definition at line 290 of file CrlConfiguration.h.


The documentation for this class was generated from the following file: