Package com.marcnuri.yakc.model.io.certmanager.v1alpha3

Class CertificateSpec

  • All Implemented Interfaces:
    com.marcnuri.yakc.model.Model
    public class CertificateSpec
extends java.lang.Object
implements com.marcnuri.yakc.model.Model
    Desired state of the Certificate resource.

    • Constructor Summary

      Constructors 
      Constructor Description
      CertificateSpec()  
      CertificateSpec​(java.lang.String commonName, java.util.List<java.lang.String> dnsNames, java.lang.String duration, java.util.List<java.lang.String> emailSANs, java.lang.Boolean encodeUsagesInRequest, java.util.List<java.lang.String> ipAddresses, java.lang.Boolean isCA, @NonNull CertificateSpecIssuerRef issuerRef, java.lang.String keyAlgorithm, java.lang.String keyEncoding, java.lang.Number keySize, CertificateSpecKeystores keystores, CertificateSpecPrivateKey privateKey, java.lang.String renewBefore, @NonNull java.lang.String secretName, CertificateSpecSubject subject, java.util.List<java.lang.String> uriSANs, java.util.List<java.lang.String> usages)  

    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      static CertificateSpec.Builder builder()  
      protected boolean canEqual​(java.lang.Object other)  
      boolean equals​(java.lang.Object o)  
      java.lang.String getCommonName()
      CommonName is a common name to be used on the Certificate.
      java.util.List<java.lang.String> getDnsNames()
      DNSNames is a list of DNS subjectAltNames to be set on the Certificate.
      java.lang.String getDuration()
      The requested 'duration' (i.e.
      java.util.List<java.lang.String> getEmailSANs()
      EmailSANs is a list of email subjectAltNames to be set on the Certificate.
      java.lang.Boolean getEncodeUsagesInRequest()
      EncodeUsagesInRequest controls whether key usages should be present in the CertificateRequest
      java.util.List<java.lang.String> getIpAddresses()
      IPAddresses is a list of IP address subjectAltNames to be set on the Certificate.
      java.lang.Boolean getIsCA()
      IsCA will mark this Certificate as valid for certificate signing.
      @NonNull CertificateSpecIssuerRef getIssuerRef()  
      java.lang.String getKeyAlgorithm()
      KeyAlgorithm is the private key algorithm of the corresponding private key for this certificate.
      java.lang.String getKeyEncoding()
      KeyEncoding is the private key cryptography standards (PKCS) for this certificate's private key to be encoded in.
      java.lang.Number getKeySize()
      KeySize is the key bit size of the corresponding private key for this certificate.
      CertificateSpecKeystores getKeystores()  
      CertificateSpecPrivateKey getPrivateKey()  
      java.lang.String getRenewBefore()
      The amount of time before the currently issued certificate's `notAfter` time that cert-manager will begin to attempt to renew the certificate.
      @NonNull java.lang.String getSecretName()
      SecretName is the name of the secret resource that will be automatically created and managed by this Certificate resource.
      CertificateSpecSubject getSubject()  
      java.util.List<java.lang.String> getUriSANs()
      URISANs is a list of URI subjectAltNames to be set on the Certificate.
      java.util.List<java.lang.String> getUsages()
      Usages is the set of x509 usages that are requested for the certificate.
      int hashCode()  
      void setCommonName​(java.lang.String commonName)
      CommonName is a common name to be used on the Certificate.
      void setDnsNames​(java.util.List<java.lang.String> dnsNames)
      DNSNames is a list of DNS subjectAltNames to be set on the Certificate.
      void setDuration​(java.lang.String duration)
      The requested 'duration' (i.e.
      void setEmailSANs​(java.util.List<java.lang.String> emailSANs)
      EmailSANs is a list of email subjectAltNames to be set on the Certificate.
      void setEncodeUsagesInRequest​(java.lang.Boolean encodeUsagesInRequest)
      EncodeUsagesInRequest controls whether key usages should be present in the CertificateRequest
      void setIpAddresses​(java.util.List<java.lang.String> ipAddresses)
      IPAddresses is a list of IP address subjectAltNames to be set on the Certificate.
      void setIsCA​(java.lang.Boolean isCA)
      IsCA will mark this Certificate as valid for certificate signing.
      void setIssuerRef​(@NonNull CertificateSpecIssuerRef issuerRef)  
      void setKeyAlgorithm​(java.lang.String keyAlgorithm)
      KeyAlgorithm is the private key algorithm of the corresponding private key for this certificate.
      void setKeyEncoding​(java.lang.String keyEncoding)
      KeyEncoding is the private key cryptography standards (PKCS) for this certificate's private key to be encoded in.
      void setKeySize​(java.lang.Number keySize)
      KeySize is the key bit size of the corresponding private key for this certificate.
      void setKeystores​(CertificateSpecKeystores keystores)  
      void setPrivateKey​(CertificateSpecPrivateKey privateKey)  
      void setRenewBefore​(java.lang.String renewBefore)
      The amount of time before the currently issued certificate's `notAfter` time that cert-manager will begin to attempt to renew the certificate.
      void setSecretName​(@NonNull java.lang.String secretName)
      SecretName is the name of the secret resource that will be automatically created and managed by this Certificate resource.
      void setSubject​(CertificateSpecSubject subject)  
      void setUriSANs​(java.util.List<java.lang.String> uriSANs)
      URISANs is a list of URI subjectAltNames to be set on the Certificate.
      void setUsages​(java.util.List<java.lang.String> usages)
      Usages is the set of x509 usages that are requested for the certificate.
      CertificateSpec.Builder toBuilder()  
      java.lang.String toString()  

      • Methods inherited from class java.lang.Object

        clone, finalize, getClass, notify, notifyAll, wait, wait, wait

    • Constructor Detail

      • CertificateSpec

        public CertificateSpec​(java.lang.String commonName,
                       java.util.List<java.lang.String> dnsNames,
                       java.lang.String duration,
                       java.util.List<java.lang.String> emailSANs,
                       java.lang.Boolean encodeUsagesInRequest,
                       java.util.List<java.lang.String> ipAddresses,
                       java.lang.Boolean isCA,
                       @NonNull
                       @NonNull CertificateSpecIssuerRef issuerRef,
                       java.lang.String keyAlgorithm,
                       java.lang.String keyEncoding,
                       java.lang.Number keySize,
                       CertificateSpecKeystores keystores,
                       CertificateSpecPrivateKey privateKey,
                       java.lang.String renewBefore,
                       @NonNull
                       @NonNull java.lang.String secretName,
                       CertificateSpecSubject subject,
                       java.util.List<java.lang.String> uriSANs,
                       java.util.List<java.lang.String> usages)

      • CertificateSpec

        public CertificateSpec()

    • Method Detail

      • getCommonName

        public java.lang.String getCommonName()
        CommonName is a common name to be used on the Certificate. The CommonName should have a length of 64 characters or fewer to avoid generating invalid CSRs. This value is ignored by TLS clients when any subject alt name is set. This is x509 behaviour: https://tools.ietf.org/html/rfc6125#section-6.4.4

      • getDnsNames

        public java.util.List<java.lang.String> getDnsNames()
        DNSNames is a list of DNS subjectAltNames to be set on the Certificate.

      • getDuration

        public java.lang.String getDuration()
        The requested 'duration' (i.e. lifetime) of the Certificate. This option may be ignored/overridden by some issuer types. If overridden and `renewBefore` is greater than the actual certificate duration, the certificate will be automatically renewed 2/3rds of the way through the certificate's duration.

      • getEmailSANs

        public java.util.List<java.lang.String> getEmailSANs()
        EmailSANs is a list of email subjectAltNames to be set on the Certificate.

      • getEncodeUsagesInRequest

        public java.lang.Boolean getEncodeUsagesInRequest()
        EncodeUsagesInRequest controls whether key usages should be present in the CertificateRequest

      • getIpAddresses

        public java.util.List<java.lang.String> getIpAddresses()
        IPAddresses is a list of IP address subjectAltNames to be set on the Certificate.

      • getIsCA

        public java.lang.Boolean getIsCA()
        IsCA will mark this Certificate as valid for certificate signing. This will automatically add the `cert sign` usage to the list of `usages`.

      • getKeyAlgorithm

        public java.lang.String getKeyAlgorithm()
        KeyAlgorithm is the private key algorithm of the corresponding private key for this certificate. If provided, allowed values are either "rsa" or "ecdsa" If `keyAlgorithm` is specified and `keySize` is not provided, key size of 256 will be used for "ecdsa" key algorithm and key size of 2048 will be used for "rsa" key algorithm.

      • getKeyEncoding

        public java.lang.String getKeyEncoding()
        KeyEncoding is the private key cryptography standards (PKCS) for this certificate's private key to be encoded in. If provided, allowed values are "pkcs1" and "pkcs8" standing for PKCS#1 and PKCS#8, respectively. If KeyEncoding is not specified, then PKCS#1 will be used by default.

      • getKeySize

        public java.lang.Number getKeySize()
        KeySize is the key bit size of the corresponding private key for this certificate. If `keyAlgorithm` is set to `RSA`, valid values are `2048`, `4096` or `8192`, and will default to `2048` if not specified. If `keyAlgorithm` is set to `ECDSA`, valid values are `256`, `384` or `521`, and will default to `256` if not specified. No other values are allowed.

      • getRenewBefore

        public java.lang.String getRenewBefore()
        The amount of time before the currently issued certificate's `notAfter` time that cert-manager will begin to attempt to renew the certificate. If this value is greater than the total duration of the certificate (i.e. notAfter - notBefore), it will be automatically renewed 2/3rds of the way through the certificate's duration.

      • getSecretName

        @NonNull
public @NonNull java.lang.String getSecretName()
        SecretName is the name of the secret resource that will be automatically created and managed by this Certificate resource. It will be populated with a private key and certificate, signed by the denoted issuer.

      • getUriSANs

        public java.util.List<java.lang.String> getUriSANs()
        URISANs is a list of URI subjectAltNames to be set on the Certificate.

      • getUsages

        public java.util.List<java.lang.String> getUsages()
        Usages is the set of x509 usages that are requested for the certificate. Defaults to `digital signature` and `key encipherment` if not specified.

      • setCommonName

        public void setCommonName​(java.lang.String commonName)
        CommonName is a common name to be used on the Certificate. The CommonName should have a length of 64 characters or fewer to avoid generating invalid CSRs. This value is ignored by TLS clients when any subject alt name is set. This is x509 behaviour: https://tools.ietf.org/html/rfc6125#section-6.4.4

      • setDnsNames

        public void setDnsNames​(java.util.List<java.lang.String> dnsNames)
        DNSNames is a list of DNS subjectAltNames to be set on the Certificate.

      • setDuration

        public void setDuration​(java.lang.String duration)
        The requested 'duration' (i.e. lifetime) of the Certificate. This option may be ignored/overridden by some issuer types. If overridden and `renewBefore` is greater than the actual certificate duration, the certificate will be automatically renewed 2/3rds of the way through the certificate's duration.

      • setEmailSANs

        public void setEmailSANs​(java.util.List<java.lang.String> emailSANs)
        EmailSANs is a list of email subjectAltNames to be set on the Certificate.

      • setEncodeUsagesInRequest

        public void setEncodeUsagesInRequest​(java.lang.Boolean encodeUsagesInRequest)
        EncodeUsagesInRequest controls whether key usages should be present in the CertificateRequest

      • setIpAddresses

        public void setIpAddresses​(java.util.List<java.lang.String> ipAddresses)
        IPAddresses is a list of IP address subjectAltNames to be set on the Certificate.

      • setIsCA

        public void setIsCA​(java.lang.Boolean isCA)
        IsCA will mark this Certificate as valid for certificate signing. This will automatically add the `cert sign` usage to the list of `usages`.

      • setKeyAlgorithm

        public void setKeyAlgorithm​(java.lang.String keyAlgorithm)
        KeyAlgorithm is the private key algorithm of the corresponding private key for this certificate. If provided, allowed values are either "rsa" or "ecdsa" If `keyAlgorithm` is specified and `keySize` is not provided, key size of 256 will be used for "ecdsa" key algorithm and key size of 2048 will be used for "rsa" key algorithm.

      • setKeyEncoding

        public void setKeyEncoding​(java.lang.String keyEncoding)
        KeyEncoding is the private key cryptography standards (PKCS) for this certificate's private key to be encoded in. If provided, allowed values are "pkcs1" and "pkcs8" standing for PKCS#1 and PKCS#8, respectively. If KeyEncoding is not specified, then PKCS#1 will be used by default.

      • setKeySize

        public void setKeySize​(java.lang.Number keySize)
        KeySize is the key bit size of the corresponding private key for this certificate. If `keyAlgorithm` is set to `RSA`, valid values are `2048`, `4096` or `8192`, and will default to `2048` if not specified. If `keyAlgorithm` is set to `ECDSA`, valid values are `256`, `384` or `521`, and will default to `256` if not specified. No other values are allowed.

      • setRenewBefore

        public void setRenewBefore​(java.lang.String renewBefore)
        The amount of time before the currently issued certificate's `notAfter` time that cert-manager will begin to attempt to renew the certificate. If this value is greater than the total duration of the certificate (i.e. notAfter - notBefore), it will be automatically renewed 2/3rds of the way through the certificate's duration.

      • setSecretName

        public void setSecretName​(@NonNull
                          @NonNull java.lang.String secretName)
        SecretName is the name of the secret resource that will be automatically created and managed by this Certificate resource. It will be populated with a private key and certificate, signed by the denoted issuer.

      • setUriSANs

        public void setUriSANs​(java.util.List<java.lang.String> uriSANs)
        URISANs is a list of URI subjectAltNames to be set on the Certificate.

      • setUsages

        public void setUsages​(java.util.List<java.lang.String> usages)
        Usages is the set of x509 usages that are requested for the certificate. Defaults to `digital signature` and `key encipherment` if not specified.

      • equals

        public boolean equals​(java.lang.Object o)
        Overrides:
        equals in class java.lang.Object

      • canEqual

        protected boolean canEqual​(java.lang.Object other)

      • hashCode

        public int hashCode()
        Overrides:
        hashCode in class java.lang.Object

      • toString

        public java.lang.String toString()
        Overrides:
        toString in class java.lang.Object