interface PrivateCertificateProps
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.CertificateManager.PrivateCertificateProps |
 Go | github.com/aws/aws-cdk-go/awscdk/v2/awscertificatemanager#PrivateCertificateProps |
 Java | software.amazon.awscdk.services.certificatemanager.PrivateCertificateProps |
 Python | aws_cdk.aws_certificatemanager.PrivateCertificateProps |
 TypeScript (source) | aws-cdk-lib » aws_certificatemanager » PrivateCertificateProps |
Properties for your private certificate.
Example
import * as acmpca from 'aws-cdk-lib/aws-acmpca';
new acm.PrivateCertificate(this, 'PrivateCertificate', {
domainName: 'test.example.com',
subjectAlternativeNames: ['cool.example.com', 'test.example.net'], // optional
certificateAuthority: acmpca.CertificateAuthority.fromCertificateAuthorityArn(this, 'CA',
'arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/023077d8-2bfa-4eb0-8f22-05c96deade77'),
keyAlgorithm: acm.KeyAlgorithm.RSA_2048, // optional, default algorithm is RSA_2048
});
Properties
| Name | Type | Description |
|---|---|---|
| certificate | ICertificate | Private certificate authority (CA) that will be used to issue the certificate. |
| domain | string | Fully-qualified domain name to request a private certificate for. |
| allow | boolean | Enable or disable export of this certificate. |
| key | Key | Specifies the algorithm of the public and private key pair that your certificate uses to encrypt data. |
| subject | string[] | Alternative domain names on your private certificate. |
certificateAuthority
Type:
ICertificate
Private certificate authority (CA) that will be used to issue the certificate.
domainName
Type:
string
Fully-qualified domain name to request a private certificate for.
May contain wildcards, such as *.domain.com.
allowExport?
Type:
boolean
(optional, default: false)
Enable or disable export of this certificate.
If you issue an exportable public certificate, there is a charge at certificate issuance and again when the certificate renews. Ref: https://aws.amazon.com/certificate-manager/pricing
keyAlgorithm?
Type:
Key
(optional, default: KeyAlgorithm.RSA_2048)
Specifies the algorithm of the public and private key pair that your certificate uses to encrypt data.
When you request a private PKI certificate signed by a CA from AWS Private CA, the specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key.
subjectAlternativeNames?
Type:
string[]
(optional, default: No additional FQDNs will be included as alternative domain names.)
Alternative domain names on your private certificate.
Use this to register alternative domain names that represent the same site.