Class CertificateSpec
- java.lang.Object
-
- com.marcnuri.yakc.model.io.certmanager.v1alpha3.CertificateSpec
-
- All Implemented Interfaces:
com.marcnuri.yakc.model.Model
public class CertificateSpec extends java.lang.Object implements com.marcnuri.yakc.model.Model
Desired state of the Certificate resource.
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
CertificateSpec.Builder
-
Constructor Summary
Constructors Constructor Description CertificateSpec()
CertificateSpec(java.lang.String commonName, java.util.List<java.lang.String> dnsNames, java.lang.String duration, java.util.List<java.lang.String> emailSANs, java.lang.Boolean encodeUsagesInRequest, java.util.List<java.lang.String> ipAddresses, java.lang.Boolean isCA, @NonNull CertificateSpecIssuerRef issuerRef, java.lang.String keyAlgorithm, java.lang.String keyEncoding, java.lang.Number keySize, CertificateSpecKeystores keystores, CertificateSpecPrivateKey privateKey, java.lang.String renewBefore, @NonNull java.lang.String secretName, CertificateSpecSubject subject, java.util.List<java.lang.String> uriSANs, java.util.List<java.lang.String> usages)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description static CertificateSpec.Builder
builder()
protected boolean
canEqual(java.lang.Object other)
boolean
equals(java.lang.Object o)
java.lang.String
getCommonName()
CommonName is a common name to be used on the Certificate.java.util.List<java.lang.String>
getDnsNames()
DNSNames is a list of DNS subjectAltNames to be set on the Certificate.java.lang.String
getDuration()
The requested 'duration' (i.e.java.util.List<java.lang.String>
getEmailSANs()
EmailSANs is a list of email subjectAltNames to be set on the Certificate.java.lang.Boolean
getEncodeUsagesInRequest()
EncodeUsagesInRequest controls whether key usages should be present in the CertificateRequestjava.util.List<java.lang.String>
getIpAddresses()
IPAddresses is a list of IP address subjectAltNames to be set on the Certificate.java.lang.Boolean
getIsCA()
IsCA will mark this Certificate as valid for certificate signing.@NonNull CertificateSpecIssuerRef
getIssuerRef()
java.lang.String
getKeyAlgorithm()
KeyAlgorithm is the private key algorithm of the corresponding private key for this certificate.java.lang.String
getKeyEncoding()
KeyEncoding is the private key cryptography standards (PKCS) for this certificate's private key to be encoded in.java.lang.Number
getKeySize()
KeySize is the key bit size of the corresponding private key for this certificate.CertificateSpecKeystores
getKeystores()
CertificateSpecPrivateKey
getPrivateKey()
java.lang.String
getRenewBefore()
The amount of time before the currently issued certificate's `notAfter` time that cert-manager will begin to attempt to renew the certificate.@NonNull java.lang.String
getSecretName()
SecretName is the name of the secret resource that will be automatically created and managed by this Certificate resource.CertificateSpecSubject
getSubject()
java.util.List<java.lang.String>
getUriSANs()
URISANs is a list of URI subjectAltNames to be set on the Certificate.java.util.List<java.lang.String>
getUsages()
Usages is the set of x509 usages that are requested for the certificate.int
hashCode()
void
setCommonName(java.lang.String commonName)
CommonName is a common name to be used on the Certificate.void
setDnsNames(java.util.List<java.lang.String> dnsNames)
DNSNames is a list of DNS subjectAltNames to be set on the Certificate.void
setDuration(java.lang.String duration)
The requested 'duration' (i.e.void
setEmailSANs(java.util.List<java.lang.String> emailSANs)
EmailSANs is a list of email subjectAltNames to be set on the Certificate.void
setEncodeUsagesInRequest(java.lang.Boolean encodeUsagesInRequest)
EncodeUsagesInRequest controls whether key usages should be present in the CertificateRequestvoid
setIpAddresses(java.util.List<java.lang.String> ipAddresses)
IPAddresses is a list of IP address subjectAltNames to be set on the Certificate.void
setIsCA(java.lang.Boolean isCA)
IsCA will mark this Certificate as valid for certificate signing.void
setIssuerRef(@NonNull CertificateSpecIssuerRef issuerRef)
void
setKeyAlgorithm(java.lang.String keyAlgorithm)
KeyAlgorithm is the private key algorithm of the corresponding private key for this certificate.void
setKeyEncoding(java.lang.String keyEncoding)
KeyEncoding is the private key cryptography standards (PKCS) for this certificate's private key to be encoded in.void
setKeySize(java.lang.Number keySize)
KeySize is the key bit size of the corresponding private key for this certificate.void
setKeystores(CertificateSpecKeystores keystores)
void
setPrivateKey(CertificateSpecPrivateKey privateKey)
void
setRenewBefore(java.lang.String renewBefore)
The amount of time before the currently issued certificate's `notAfter` time that cert-manager will begin to attempt to renew the certificate.void
setSecretName(@NonNull java.lang.String secretName)
SecretName is the name of the secret resource that will be automatically created and managed by this Certificate resource.void
setSubject(CertificateSpecSubject subject)
void
setUriSANs(java.util.List<java.lang.String> uriSANs)
URISANs is a list of URI subjectAltNames to be set on the Certificate.void
setUsages(java.util.List<java.lang.String> usages)
Usages is the set of x509 usages that are requested for the certificate.CertificateSpec.Builder
toBuilder()
java.lang.String
toString()
-
-
-
Constructor Detail
-
CertificateSpec
public CertificateSpec(java.lang.String commonName, java.util.List<java.lang.String> dnsNames, java.lang.String duration, java.util.List<java.lang.String> emailSANs, java.lang.Boolean encodeUsagesInRequest, java.util.List<java.lang.String> ipAddresses, java.lang.Boolean isCA, @NonNull @NonNull CertificateSpecIssuerRef issuerRef, java.lang.String keyAlgorithm, java.lang.String keyEncoding, java.lang.Number keySize, CertificateSpecKeystores keystores, CertificateSpecPrivateKey privateKey, java.lang.String renewBefore, @NonNull @NonNull java.lang.String secretName, CertificateSpecSubject subject, java.util.List<java.lang.String> uriSANs, java.util.List<java.lang.String> usages)
-
CertificateSpec
public CertificateSpec()
-
-
Method Detail
-
builder
public static CertificateSpec.Builder builder()
-
toBuilder
public CertificateSpec.Builder toBuilder()
-
getCommonName
public java.lang.String getCommonName()
CommonName is a common name to be used on the Certificate. The CommonName should have a length of 64 characters or fewer to avoid generating invalid CSRs. This value is ignored by TLS clients when any subject alt name is set. This is x509 behaviour: https://tools.ietf.org/html/rfc6125#section-6.4.4
-
getDnsNames
public java.util.List<java.lang.String> getDnsNames()
DNSNames is a list of DNS subjectAltNames to be set on the Certificate.
-
getDuration
public java.lang.String getDuration()
The requested 'duration' (i.e. lifetime) of the Certificate. This option may be ignored/overridden by some issuer types. If overridden and `renewBefore` is greater than the actual certificate duration, the certificate will be automatically renewed 2/3rds of the way through the certificate's duration.
-
getEmailSANs
public java.util.List<java.lang.String> getEmailSANs()
EmailSANs is a list of email subjectAltNames to be set on the Certificate.
-
getEncodeUsagesInRequest
public java.lang.Boolean getEncodeUsagesInRequest()
EncodeUsagesInRequest controls whether key usages should be present in the CertificateRequest
-
getIpAddresses
public java.util.List<java.lang.String> getIpAddresses()
IPAddresses is a list of IP address subjectAltNames to be set on the Certificate.
-
getIsCA
public java.lang.Boolean getIsCA()
IsCA will mark this Certificate as valid for certificate signing. This will automatically add the `cert sign` usage to the list of `usages`.
-
getIssuerRef
@NonNull public @NonNull CertificateSpecIssuerRef getIssuerRef()
-
getKeyAlgorithm
public java.lang.String getKeyAlgorithm()
KeyAlgorithm is the private key algorithm of the corresponding private key for this certificate. If provided, allowed values are either "rsa" or "ecdsa" If `keyAlgorithm` is specified and `keySize` is not provided, key size of 256 will be used for "ecdsa" key algorithm and key size of 2048 will be used for "rsa" key algorithm.
-
getKeyEncoding
public java.lang.String getKeyEncoding()
KeyEncoding is the private key cryptography standards (PKCS) for this certificate's private key to be encoded in. If provided, allowed values are "pkcs1" and "pkcs8" standing for PKCS#1 and PKCS#8, respectively. If KeyEncoding is not specified, then PKCS#1 will be used by default.
-
getKeySize
public java.lang.Number getKeySize()
KeySize is the key bit size of the corresponding private key for this certificate. If `keyAlgorithm` is set to `RSA`, valid values are `2048`, `4096` or `8192`, and will default to `2048` if not specified. If `keyAlgorithm` is set to `ECDSA`, valid values are `256`, `384` or `521`, and will default to `256` if not specified. No other values are allowed.
-
getKeystores
public CertificateSpecKeystores getKeystores()
-
getPrivateKey
public CertificateSpecPrivateKey getPrivateKey()
-
getRenewBefore
public java.lang.String getRenewBefore()
The amount of time before the currently issued certificate's `notAfter` time that cert-manager will begin to attempt to renew the certificate. If this value is greater than the total duration of the certificate (i.e. notAfter - notBefore), it will be automatically renewed 2/3rds of the way through the certificate's duration.
-
getSecretName
@NonNull public @NonNull java.lang.String getSecretName()
SecretName is the name of the secret resource that will be automatically created and managed by this Certificate resource. It will be populated with a private key and certificate, signed by the denoted issuer.
-
getSubject
public CertificateSpecSubject getSubject()
-
getUriSANs
public java.util.List<java.lang.String> getUriSANs()
URISANs is a list of URI subjectAltNames to be set on the Certificate.
-
getUsages
public java.util.List<java.lang.String> getUsages()
Usages is the set of x509 usages that are requested for the certificate. Defaults to `digital signature` and `key encipherment` if not specified.
-
setCommonName
public void setCommonName(java.lang.String commonName)
CommonName is a common name to be used on the Certificate. The CommonName should have a length of 64 characters or fewer to avoid generating invalid CSRs. This value is ignored by TLS clients when any subject alt name is set. This is x509 behaviour: https://tools.ietf.org/html/rfc6125#section-6.4.4
-
setDnsNames
public void setDnsNames(java.util.List<java.lang.String> dnsNames)
DNSNames is a list of DNS subjectAltNames to be set on the Certificate.
-
setDuration
public void setDuration(java.lang.String duration)
The requested 'duration' (i.e. lifetime) of the Certificate. This option may be ignored/overridden by some issuer types. If overridden and `renewBefore` is greater than the actual certificate duration, the certificate will be automatically renewed 2/3rds of the way through the certificate's duration.
-
setEmailSANs
public void setEmailSANs(java.util.List<java.lang.String> emailSANs)
EmailSANs is a list of email subjectAltNames to be set on the Certificate.
-
setEncodeUsagesInRequest
public void setEncodeUsagesInRequest(java.lang.Boolean encodeUsagesInRequest)
EncodeUsagesInRequest controls whether key usages should be present in the CertificateRequest
-
setIpAddresses
public void setIpAddresses(java.util.List<java.lang.String> ipAddresses)
IPAddresses is a list of IP address subjectAltNames to be set on the Certificate.
-
setIsCA
public void setIsCA(java.lang.Boolean isCA)
IsCA will mark this Certificate as valid for certificate signing. This will automatically add the `cert sign` usage to the list of `usages`.
-
setIssuerRef
public void setIssuerRef(@NonNull @NonNull CertificateSpecIssuerRef issuerRef)
-
setKeyAlgorithm
public void setKeyAlgorithm(java.lang.String keyAlgorithm)
KeyAlgorithm is the private key algorithm of the corresponding private key for this certificate. If provided, allowed values are either "rsa" or "ecdsa" If `keyAlgorithm` is specified and `keySize` is not provided, key size of 256 will be used for "ecdsa" key algorithm and key size of 2048 will be used for "rsa" key algorithm.
-
setKeyEncoding
public void setKeyEncoding(java.lang.String keyEncoding)
KeyEncoding is the private key cryptography standards (PKCS) for this certificate's private key to be encoded in. If provided, allowed values are "pkcs1" and "pkcs8" standing for PKCS#1 and PKCS#8, respectively. If KeyEncoding is not specified, then PKCS#1 will be used by default.
-
setKeySize
public void setKeySize(java.lang.Number keySize)
KeySize is the key bit size of the corresponding private key for this certificate. If `keyAlgorithm` is set to `RSA`, valid values are `2048`, `4096` or `8192`, and will default to `2048` if not specified. If `keyAlgorithm` is set to `ECDSA`, valid values are `256`, `384` or `521`, and will default to `256` if not specified. No other values are allowed.
-
setKeystores
public void setKeystores(CertificateSpecKeystores keystores)
-
setPrivateKey
public void setPrivateKey(CertificateSpecPrivateKey privateKey)
-
setRenewBefore
public void setRenewBefore(java.lang.String renewBefore)
The amount of time before the currently issued certificate's `notAfter` time that cert-manager will begin to attempt to renew the certificate. If this value is greater than the total duration of the certificate (i.e. notAfter - notBefore), it will be automatically renewed 2/3rds of the way through the certificate's duration.
-
setSecretName
public void setSecretName(@NonNull @NonNull java.lang.String secretName)
SecretName is the name of the secret resource that will be automatically created and managed by this Certificate resource. It will be populated with a private key and certificate, signed by the denoted issuer.
-
setSubject
public void setSubject(CertificateSpecSubject subject)
-
setUriSANs
public void setUriSANs(java.util.List<java.lang.String> uriSANs)
URISANs is a list of URI subjectAltNames to be set on the Certificate.
-
setUsages
public void setUsages(java.util.List<java.lang.String> usages)
Usages is the set of x509 usages that are requested for the certificate. Defaults to `digital signature` and `key encipherment` if not specified.
-
equals
public boolean equals(java.lang.Object o)
- Overrides:
equals
in classjava.lang.Object
-
canEqual
protected boolean canEqual(java.lang.Object other)
-
hashCode
public int hashCode()
- Overrides:
hashCode
in classjava.lang.Object
-
toString
public java.lang.String toString()
- Overrides:
toString
in classjava.lang.Object
-
-