Class: AWSCDK::ACMPCA::CfnCertificateAuthority::OcspConfigurationProperty

Inherits:
Jsii::Struct
  • Object
show all
Defined in:
acmpca/cfn_certificate_authority.rb

Overview

Contains information to enable and configure Online Certificate Status Protocol (OCSP) for validating certificate revocation status.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(enabled:, ocsp_custom_cname: nil) ⇒ OcspConfigurationProperty

Returns a new instance of OcspConfigurationProperty.

Parameters:

  • enabled (Boolean, AWSCDK::IResolvable)

    Flag enabling use of the Online Certificate Status Protocol (OCSP) for validating certificate revocation status.

  • ocsp_custom_cname (String, nil) (defaults to: nil)

    By default, AWS Private CA injects an Amazon domain into certificates being validated by the Online Certificate Status Protocol (OCSP).



1292
1293
1294
1295
1296
1297
# File 'acmpca/cfn_certificate_authority.rb', line 1292

def initialize(enabled:, ocsp_custom_cname: nil)
  @enabled = enabled
  Jsii::Type.check_type(@enabled, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3sicHJpbWl0aXZlIjoiYm9vbGVhbiJ9LHsiZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifV19fQ==")), "enabled")
  @ocsp_custom_cname = ocsp_custom_cname
  Jsii::Type.check_type(@ocsp_custom_cname, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "ocspCustomCname") unless @ocsp_custom_cname.nil?
end

Instance Attribute Details

#enabledBoolean, AWSCDK::IResolvable (readonly)

Flag enabling use of the Online Certificate Status Protocol (OCSP) for validating certificate revocation status.



1303
1304
1305
# File 'acmpca/cfn_certificate_authority.rb', line 1303

def enabled
  @enabled
end

#ocsp_custom_cnameString? (readonly)

By default, AWS Private CA injects an Amazon domain into certificates being validated by the Online Certificate Status Protocol (OCSP).

A customer can alternatively use this object to define a CNAME specifying a customized OCSP domain.

The content of a Canonical Name (CNAME) record must conform to RFC2396 restrictions on the use of special characters in URIs. Additionally, the value of the CNAME must not include a protocol prefix such as "http://" or "https://".



1312
1313
1314
# File 'acmpca/cfn_certificate_authority.rb', line 1312

def ocsp_custom_cname
  @ocsp_custom_cname
end

Class Method Details

.jsii_propertiesObject



1314
1315
1316
1317
1318
1319
# File 'acmpca/cfn_certificate_authority.rb', line 1314

def self.jsii_properties
  {
    :enabled => "enabled",
    :ocsp_custom_cname => "ocspCustomCname",
  }
end

Instance Method Details

#to_jsiiObject



1321
1322
1323
1324
1325
1326
1327
1328
# File 'acmpca/cfn_certificate_authority.rb', line 1321

def to_jsii
  result = {}
  result.merge!({
    "enabled" => @enabled,
    "ocspCustomCname" => @ocsp_custom_cname,
  })
  result.compact
end