interface PrivateKeyFlagsV4Property
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.aws_pcaconnectorad.CfnTemplate.PrivateKeyFlagsV4Property |
 Go | github.com/aws/aws-cdk-go/awscdk/v2/awspcaconnectorad#CfnTemplate_PrivateKeyFlagsV4Property |
 Java | software.amazon.awscdk.services.pcaconnectorad.CfnTemplate.PrivateKeyFlagsV4Property |
 Python | aws_cdk.aws_pcaconnectorad.CfnTemplate.PrivateKeyFlagsV4Property |
 TypeScript | aws-cdk-lib » aws_pcaconnectorad » CfnTemplate » PrivateKeyFlagsV4Property |
Private key flags for v4 templates specify the client compatibility, if the private key can be exported, if user input is required when using a private key, if an alternate signature algorithm should be used, and if certificates are renewed using the same private key.
Example
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_pcaconnectorad as pcaconnectorad } from 'aws-cdk-lib';
const privateKeyFlagsV4Property: pcaconnectorad.CfnTemplate.PrivateKeyFlagsV4Property = {
clientVersion: 'clientVersion',
// the properties below are optional
exportableKey: false,
requireAlternateSignatureAlgorithm: false,
requireSameKeyRenewal: false,
strongKeyProtectionRequired: false,
useLegacyProvider: false,
};
Properties
| Name | Type | Description |
|---|---|---|
| client | string | Defines the minimum client compatibility. |
| exportable | boolean | IResolvable | Allows the private key to be exported. |
| require | boolean | IResolvable | Requires the PKCS #1 v2.1 signature format for certificates. You should verify that your CA, objects, and applications can accept this signature format. |
| require | boolean | IResolvable | Renew certificate using the same private key. |
| strong | boolean | IResolvable | Require user input when using the private key for enrollment. |
| use | boolean | IResolvable | Specifies the cryptographic service provider category used to generate private keys. |
clientVersion
Type:
string
Defines the minimum client compatibility.
exportableKey?
Type:
boolean | IResolvable
(optional)
Allows the private key to be exported.
requireAlternateSignatureAlgorithm?
Type:
boolean | IResolvable
(optional)
Requires the PKCS #1 v2.1 signature format for certificates. You should verify that your CA, objects, and applications can accept this signature format.
requireSameKeyRenewal?
Type:
boolean | IResolvable
(optional)
Renew certificate using the same private key.
strongKeyProtectionRequired?
Type:
boolean | IResolvable
(optional)
Require user input when using the private key for enrollment.
useLegacyProvider?
Type:
boolean | IResolvable
(optional)
Specifies the cryptographic service provider category used to generate private keys.
Set to TRUE to use Legacy Cryptographic Service Providers and FALSE to use Key Storage Providers.