Package software.amazon.awscdk.services.certificatemanager

Interface CertificateProps

All Superinterfaces:
software.amazon.jsii.JsiiSerializable
All Known Subinterfaces:
DnsValidatedCertificateProps
All Known Implementing Classes:
CertificateProps.Jsii$Proxy, DnsValidatedCertificateProps.Jsii$Proxy
@Generated(value="jsii-pacmak/1.116.0 (build 0eddcff)", date="2025-10-24T13:34:32.665Z") @Stability(Stable) public interface CertificateProps extends software.amazon.jsii.JsiiSerializable
Properties for your certificate.

Example: 

 HostedZone exampleCom = HostedZone.Builder.create(this, "ExampleCom")
         .zoneName("example.com")
         .build();
 HostedZone exampleNet = HostedZone.Builder.create(this, "ExampleNet")
         .zoneName("example.net")
         .build();
 Certificate cert = Certificate.Builder.create(this, "Certificate")
         .domainName("test.example.com")
         .subjectAlternativeNames(List.of("cool.example.com", "test.example.net"))
         .validation(CertificateValidation.fromDnsMultiZone(Map.of(
                 "test.example.com", exampleCom,
                 "cool.example.com", exampleCom,
                 "test.example.net", exampleNet)))
         .build();

  • Method Details

    • getDomainName

      @Stability(Stable) @NotNull String getDomainName()
      Fully-qualified domain name to request a certificate for.

      May contain wildcards, such as *.domain.com.

    • getAllowExport

      @Stability(Stable) @Nullable default Boolean getAllowExport()
      Enable or disable export of this certificate.

      If you issue an exportable public certificate, there is a charge at certificate issuance and again when the certificate renews. Ref: https://aws.amazon.com/certificate-manager/pricing

      Default: false

    • getCertificateName

      @Stability(Stable) @Nullable default String getCertificateName()
      The Certificate name.

      Since the Certificate resource doesn't support providing a physical name, the value provided here will be recorded in the Name tag

      Default: the full, absolute path of this construct

    • getKeyAlgorithm

      @Stability(Stable) @Nullable default KeyAlgorithm getKeyAlgorithm()
      Specifies the algorithm of the public and private key pair that your certificate uses to encrypt data.

      Default: KeyAlgorithm.RSA_2048

      See Also:

    • getSubjectAlternativeNames

      @Stability(Stable) @Nullable default List<String> getSubjectAlternativeNames()
      Alternative domain names on your certificate.

      Use this to register alternative domain names that represent the same site.

      Default: - No additional FQDNs will be included as alternative domain names.

    • getTransparencyLoggingEnabled

      @Stability(Stable) @Nullable default Boolean getTransparencyLoggingEnabled()
      Enable or disable transparency logging for this certificate.

      Once a certificate has been logged, it cannot be removed from the log. Opting out at that point will have no effect. If you opt out of logging when you request a certificate and then choose later to opt back in, your certificate will not be logged until it is renewed. If you want the certificate to be logged immediately, we recommend that you issue a new one.

      Default: true

      See Also:

    • getValidation

      @Stability(Stable) @Nullable default CertificateValidation getValidation()
      How to validate this certificate.

      Default: CertificateValidation.fromEmail()

    • builder

      @Stability(Stable) static CertificateProps.Builder builder()
      Returns:
      a CertificateProps.Builder of CertificateProps