Class V1CertificateSpec
The kubernetes spec for a cert-manager certificate.
Namespace: Neon.Kube.Resources.CertManager
Assembly: Neon.Kube.Resources.dll
Syntax
public class V1CertificateSpecConstructors
V1CertificateSpec()
Constructor.
Declaration
public V1CertificateSpec()Properties
CommonName
CommonName is a common name to be used on the Certificate. The CommonName should have a length of 64 characters or fewer to avoid generating invalid CSRs. This value is ignored by TLS clients when any subject alt name is set. This is x509 behaviour: https://tools.ietf.org/html/rfc6125#section-6.4.4'
Declaration
[JsonProperty(PropertyName = "commonName", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
public string CommonName { get; set; }Property Value
| Type | Description |
|---|---|
| string |
DnsNames
A list of DNS subjectAltNames to be set on the Certificate.
Declaration
[JsonProperty(PropertyName = "dnsNames", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
public List<string> DnsNames { get; set; }Property Value
| Type | Description |
|---|---|
| List<string> |
Duration
The requested 'duration' (i.e. lifetime) of the Certificate. This option may be ignored/overridden by some issuer types. If unset
this defaults to 90 days. Certificate will be renewed either 2/3 through its duration or renewBefore period before its expiry,
whichever is later. Minimum accepted duration is 1 hour. Value must be in units accepted by GOLANG time.ParseDuration():
https://golang.org/pkg/time/#ParseDuration
Declaration
[JsonProperty(PropertyName = "duration", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
public string Duration { get; set; }Property Value
| Type | Description |
|---|---|
| string |
EmailAddresses
A list of email subjectAltNames to be set on the Certificate.
Declaration
[JsonProperty(PropertyName = "emailAddresses", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
public List<string> EmailAddresses { get; set; }Property Value
| Type | Description |
|---|---|
| List<string> |
EncodeUsagesInRequest
Controls whether key usages should be present in the CertificateRequest.
Declaration
[JsonProperty(PropertyName = "encodeUsagesInRequest", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
public bool? EncodeUsagesInRequest { get; set; }Property Value
| Type | Description |
|---|---|
| bool? |
IpAddresses
A list of IP address subjectAltNames to be set on the Certificate.
Declaration
[JsonProperty(PropertyName = "ipAddresses", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
public List<string> IpAddresses { get; set; }Property Value
| Type | Description |
|---|---|
| List<string> |
IsCA
Whether this Certificate as valid for certificate signing. This will automatically add the cert sign usage to the list of usages.
Declaration
[JsonProperty(PropertyName = "isCA", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
public bool? IsCA { get; set; }Property Value
| Type | Description |
|---|---|
| bool? |
IssuerRef
A reference to the issuer for this certificate.
Declaration
[JsonProperty(PropertyName = "issuerRef", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
public IssuerRef IssuerRef { get; set; }Property Value
| Type | Description |
|---|---|
| IssuerRef |
KeySize
The key bit size of the corresponding private key for this certificate. If keyAlgorithm is set to rsa, valid values are 2048,
4096 or 8192, and will default to 2048 if not specified. If keyAlgorithm is set to ecdsa, valid values are 256, 384
or 521, and will default to 256 if not specified. No other values are allowed.
Declaration
[JsonProperty(PropertyName = "keySize", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
public int? KeySize { get; set; }Property Value
| Type | Description |
|---|---|
| int? |
Keystores
Configures additional keystore output formats stored in the secretName Secret resource.
Declaration
[JsonProperty(PropertyName = "keystores", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
public Keystores Keystores { get; set; }Property Value
| Type | Description |
|---|---|
| Keystores |
Organization
A list of organizations to be used on the Certificate.
Declaration
[JsonProperty(PropertyName = "organization", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
public List<string> Organization { get; set; }Property Value
| Type | Description |
|---|---|
| List<string> |
PrivateKey
Options to control private keys used for the Certificate.
Declaration
[JsonProperty(PropertyName = "privateKey", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
public PrivateKey PrivateKey { get; set; }Property Value
| Type | Description |
|---|---|
| PrivateKey |
RenewBefore
How long before the currently issued certificate's expiry cert-manager should renew the certificate. The default is 2/3 of the issued certificate's duration. Minimum accepted value is 5 minutes. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration
Declaration
[JsonProperty(PropertyName = "renewBefore", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
public string RenewBefore { get; set; }Property Value
| Type | Description |
|---|---|
| string |
RevisionHistoryLimit
RevisionHistoryLimit is the maximum number of CertificateRequest revisions that are maintained in the Certificate's history. Each
revision represents a single CertificateRequest created by this Certificate, either when it was created, renewed, or Spec was changed.
Revisions will be removed by oldest first if the number of revisions exceeds this number. If set, revisionHistoryLimit must be a value
of 1 or greater. If unset (nil), revisions will not be garbage collected. Default value is nil.
Declaration
[JsonProperty(PropertyName = "revisionHistoryLimit", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
public int? RevisionHistoryLimit { get; set; }Property Value
| Type | Description |
|---|---|
| int? |
SecretName
The name of the secret resource that will be automatically created and managed by this Certificate resource. It will be populated with a private key and certificate, signed by the denoted issuer.
Declaration
[JsonProperty(PropertyName = "secretName", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
public string SecretName { get; set; }Property Value
| Type | Description |
|---|---|
| string |
Subject
Full X509 name specification (https://golang.org/pkg/crypto/x509/pkix/#Name).
Declaration
[JsonProperty(PropertyName = "subject", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
public Subject Subject { get; set; }Property Value
| Type | Description |
|---|---|
| Subject |
Uris
A list of URI subjectAltNames to be set on the Certificate.
Declaration
[JsonProperty(PropertyName = "uris", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
public List<string> Uris { get; set; }Property Value
| Type | Description |
|---|---|
| List<string> |
Usages
Usages is the set of x509 usages that are requested for the certificate.
Declaration
[JsonProperty(PropertyName = "usages", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
[JsonConverter(typeof(JsonCollectionItemConverter<X509Usages, JsonStringEnumMemberConverter>))]
public IEnumerable<X509Usages> Usages { get; set; }Property Value
| Type | Description |
|---|---|
| IEnumerable<X509Usages> |