Docs Home
hsdp 0.65.3 published on Tuesday, Apr 15, 2025 by philips-software
hsdp.PkiCert
Explore with Pulumi AI
hsdp 0.65.3 published on Tuesday, Apr 15, 2025 by philips-software
Create and manage HSDP PKI leaf certificates
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as hsdp from "@pulumi/hsdp";
const cert = new hsdp.PkiCert("cert", {
tenantId: hsdp_pki_tenant.tenant.id,
role: "ec384",
commonName: "myapp.com",
altNames: "myapp.io,www.myapp.io",
ipSans: [],
uriSans: [],
otherSans: [],
ttl: "720h",
excludeCnFromSans: false,
});
import pulumi
import pulumi_hsdp as hsdp
cert = hsdp.PkiCert("cert",
tenant_id=hsdp_pki_tenant["tenant"]["id"],
role="ec384",
common_name="myapp.com",
alt_names="myapp.io,www.myapp.io",
ip_sans=[],
uri_sans=[],
other_sans=[],
ttl="720h",
exclude_cn_from_sans=False)
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/hsdp/hsdp"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := hsdp.NewPkiCert(ctx, "cert", &hsdp.PkiCertArgs{
TenantId: pulumi.Any(hsdp_pki_tenant.Tenant.Id),
Role: pulumi.String("ec384"),
CommonName: pulumi.String("myapp.com"),
AltNames: pulumi.String("myapp.io,www.myapp.io"),
IpSans: pulumi.StringArray{},
UriSans: pulumi.StringArray{},
OtherSans: pulumi.StringArray{},
Ttl: pulumi.String("720h"),
ExcludeCnFromSans: pulumi.Bool(false),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Hsdp = Pulumi.Hsdp;
return await Deployment.RunAsync(() =>
{
var cert = new Hsdp.PkiCert("cert", new()
{
TenantId = hsdp_pki_tenant.Tenant.Id,
Role = "ec384",
CommonName = "myapp.com",
AltNames = "myapp.io,www.myapp.io",
IpSans = new[] {},
UriSans = new[] {},
OtherSans = new[] {},
Ttl = "720h",
ExcludeCnFromSans = false,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.hsdp.PkiCert;
import com.pulumi.hsdp.PkiCertArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var cert = new PkiCert("cert", PkiCertArgs.builder()
.tenantId(hsdp_pki_tenant.tenant().id())
.role("ec384")
.commonName("myapp.com")
.altNames("myapp.io,www.myapp.io")
.ipSans()
.uriSans()
.otherSans()
.ttl("720h")
.excludeCnFromSans(false)
.build());
}
}
resources:
cert:
type: hsdp:PkiCert
properties:
tenantId: ${hsdp_pki_tenant.tenant.id}
role: ec384
commonName: myapp.com
altNames: myapp.io,www.myapp.io
ipSans: []
uriSans: []
otherSans: []
ttl: 720h
excludeCnFromSans: false
The next example will refresh the certificate every quarter. You’ll need to run the apply step occasionally
import * as pulumi from "@pulumi/pulumi";
import * as hsdp from "@pulumi/hsdp";
const pki = hsdp.getConfig({
service: "pki",
});
const autoRefreshCert = new hsdp.PkiCert("autoRefreshCert", {
triggers: {
refresh: pki.then(pki => pki.slidingExpiresOn),
},
tenantId: hsdp_pki_tenant.tenant.id,
role: "ec384",
commonName: "myapp.com",
altNames: "myapp.io,www.myapp.io",
ipSans: [],
uriSans: [],
otherSans: [],
ttl: "720h",
excludeCnFromSans: false,
});
import pulumi
import pulumi_hsdp as hsdp
pki = hsdp.get_config(service="pki")
auto_refresh_cert = hsdp.PkiCert("autoRefreshCert",
triggers={
"refresh": pki.sliding_expires_on,
},
tenant_id=hsdp_pki_tenant["tenant"]["id"],
role="ec384",
common_name="myapp.com",
alt_names="myapp.io,www.myapp.io",
ip_sans=[],
uri_sans=[],
other_sans=[],
ttl="720h",
exclude_cn_from_sans=False)
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/hsdp/hsdp"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
pki, err := hsdp.GetConfig(ctx, &hsdp.GetConfigArgs{
Service: "pki",
}, nil)
if err != nil {
return err
}
_, err = hsdp.NewPkiCert(ctx, "autoRefreshCert", &hsdp.PkiCertArgs{
Triggers: pulumi.StringMap{
"refresh": pulumi.String(pki.SlidingExpiresOn),
},
TenantId: pulumi.Any(hsdp_pki_tenant.Tenant.Id),
Role: pulumi.String("ec384"),
CommonName: pulumi.String("myapp.com"),
AltNames: pulumi.String("myapp.io,www.myapp.io"),
IpSans: pulumi.StringArray{},
UriSans: pulumi.StringArray{},
OtherSans: pulumi.StringArray{},
Ttl: pulumi.String("720h"),
ExcludeCnFromSans: pulumi.Bool(false),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Hsdp = Pulumi.Hsdp;
return await Deployment.RunAsync(() =>
{
var pki = Hsdp.GetConfig.Invoke(new()
{
Service = "pki",
});
var autoRefreshCert = new Hsdp.PkiCert("autoRefreshCert", new()
{
Triggers =
{
{ "refresh", pki.Apply(getConfigResult => getConfigResult.SlidingExpiresOn) },
},
TenantId = hsdp_pki_tenant.Tenant.Id,
Role = "ec384",
CommonName = "myapp.com",
AltNames = "myapp.io,www.myapp.io",
IpSans = new[] {},
UriSans = new[] {},
OtherSans = new[] {},
Ttl = "720h",
ExcludeCnFromSans = false,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.hsdp.HsdpFunctions;
import com.pulumi.hsdp.inputs.GetConfigArgs;
import com.pulumi.hsdp.PkiCert;
import com.pulumi.hsdp.PkiCertArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var pki = HsdpFunctions.getConfig(GetConfigArgs.builder()
.service("pki")
.build());
var autoRefreshCert = new PkiCert("autoRefreshCert", PkiCertArgs.builder()
.triggers(Map.of("refresh", pki.applyValue(getConfigResult -> getConfigResult.slidingExpiresOn())))
.tenantId(hsdp_pki_tenant.tenant().id())
.role("ec384")
.commonName("myapp.com")
.altNames("myapp.io,www.myapp.io")
.ipSans()
.uriSans()
.otherSans()
.ttl("720h")
.excludeCnFromSans(false)
.build());
}
}
resources:
autoRefreshCert:
type: hsdp:PkiCert
properties:
triggers:
refresh: ${pki.slidingExpiresOn}
tenantId: ${hsdp_pki_tenant.tenant.id}
role: ec384
commonName: myapp.com
altNames: myapp.io,www.myapp.io
ipSans: []
uriSans: []
otherSans: []
ttl: 720h
excludeCnFromSans: false
variables:
pki:
fn::invoke:
function: hsdp:getConfig
arguments:
service: pki
Create PkiCert Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new PkiCert(name: string, args: PkiCertArgs, opts?: CustomResourceOptions);@overload
def PkiCert(resource_name: str,
args: PkiCertArgs,
opts: Optional[ResourceOptions] = None)
@overload
def PkiCert(resource_name: str,
opts: Optional[ResourceOptions] = None,
common_name: Optional[str] = None,
role: Optional[str] = None,
tenant_id: Optional[str] = None,
alt_name: Optional[str] = None,
alt_names: Optional[str] = None,
exclude_cn_from_sans: Optional[bool] = None,
ip_sans: Optional[Sequence[str]] = None,
other_sans: Optional[Sequence[str]] = None,
pki_cert_id: Optional[str] = None,
triggers: Optional[Mapping[str, str]] = None,
ttl: Optional[str] = None,
uri_sans: Optional[Sequence[str]] = None)func NewPkiCert(ctx *Context, name string, args PkiCertArgs, opts ...ResourceOption) (*PkiCert, error)public PkiCert(string name, PkiCertArgs args, CustomResourceOptions? opts = null)
public PkiCert(String name, PkiCertArgs args)
public PkiCert(String name, PkiCertArgs args, CustomResourceOptions options)
type: hsdp:PkiCert
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args PkiCertArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args PkiCertArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args PkiCertArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args PkiCertArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args PkiCertArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var pkiCertResource = new Hsdp.PkiCert("pkiCertResource", new()
{
CommonName = "string",
Role = "string",
TenantId = "string",
AltNames = "string",
ExcludeCnFromSans = false,
IpSans = new[]
{
"string",
},
OtherSans = new[]
{
"string",
},
PkiCertId = "string",
Triggers =
{
{ "string", "string" },
},
Ttl = "string",
UriSans = new[]
{
"string",
},
});
example, err := hsdp.NewPkiCert(ctx, "pkiCertResource", &hsdp.PkiCertArgs{
CommonName: pulumi.String("string"),
Role: pulumi.String("string"),
TenantId: pulumi.String("string"),
AltNames: pulumi.String("string"),
ExcludeCnFromSans: pulumi.Bool(false),
IpSans: pulumi.StringArray{
pulumi.String("string"),
},
OtherSans: pulumi.StringArray{
pulumi.String("string"),
},
PkiCertId: pulumi.String("string"),
Triggers: pulumi.StringMap{
"string": pulumi.String("string"),
},
Ttl: pulumi.String("string"),
UriSans: pulumi.StringArray{
pulumi.String("string"),
},
})
var pkiCertResource = new PkiCert("pkiCertResource", PkiCertArgs.builder()
.commonName("string")
.role("string")
.tenantId("string")
.altNames("string")
.excludeCnFromSans(false)
.ipSans("string")
.otherSans("string")
.pkiCertId("string")
.triggers(Map.of("string", "string"))
.ttl("string")
.uriSans("string")
.build());
pki_cert_resource = hsdp.PkiCert("pkiCertResource",
common_name="string",
role="string",
tenant_id="string",
alt_names="string",
exclude_cn_from_sans=False,
ip_sans=["string"],
other_sans=["string"],
pki_cert_id="string",
triggers={
"string": "string",
},
ttl="string",
uri_sans=["string"])
const pkiCertResource = new hsdp.PkiCert("pkiCertResource", {
commonName: "string",
role: "string",
tenantId: "string",
altNames: "string",
excludeCnFromSans: false,
ipSans: ["string"],
otherSans: ["string"],
pkiCertId: "string",
triggers: {
string: "string",
},
ttl: "string",
uriSans: ["string"],
});
type: hsdp:PkiCert
properties:
altNames: string
commonName: string
excludeCnFromSans: false
ipSans:
- string
otherSans:
- string
pkiCertId: string
role: string
tenantId: string
triggers:
string: string
ttl: string
uriSans:
- string
PkiCert Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The PkiCert resource accepts the following input properties:
- Common
Name string - The common name to use
- Role string
- the Role to use as defined under a PKI Tenant resource
- Tenant
Id string - The tenant ID to create this certificate under
- Alt
Name string - Alt
Names string - Alternative names to use, comma separated list.
- Exclude
Cn boolFrom Sans - Exclude common name from SAN
- Ip
Sans List<string> - ) A list of IP SANS to include
- Other
Sans List<string> - ) A list of other SANS to include
- Pki
Cert stringId - Triggers Dictionary<string, string>
- ) An list of strings which when changes will trigger recreation of the resource
- Ttl string
- The TTL, example
720hfor 1 month - Uri
Sans List<string> - ) A list of URI SANS to include
- Common
Name string - The common name to use
- Role string
- the Role to use as defined under a PKI Tenant resource
- Tenant
Id string - The tenant ID to create this certificate under
- Alt
Name string - Alt
Names string - Alternative names to use, comma separated list.
- Exclude
Cn boolFrom Sans - Exclude common name from SAN
- Ip
Sans []string - ) A list of IP SANS to include
- Other
Sans []string - ) A list of other SANS to include
- Pki
Cert stringId - Triggers map[string]string
- ) An list of strings which when changes will trigger recreation of the resource
- Ttl string
- The TTL, example
720hfor 1 month - Uri
Sans []string - ) A list of URI SANS to include
- common
Name String - The common name to use
- role String
- the Role to use as defined under a PKI Tenant resource
- tenant
Id String - The tenant ID to create this certificate under
- alt
Name String - alt
Names String - Alternative names to use, comma separated list.
- exclude
Cn BooleanFrom Sans - Exclude common name from SAN
- ip
Sans List<String> - ) A list of IP SANS to include
- other
Sans List<String> - ) A list of other SANS to include
- pki
Cert StringId - triggers Map<String,String>
- ) An list of strings which when changes will trigger recreation of the resource
- ttl String
- The TTL, example
720hfor 1 month - uri
Sans List<String> - ) A list of URI SANS to include
- common
Name string - The common name to use
- role string
- the Role to use as defined under a PKI Tenant resource
- tenant
Id string - The tenant ID to create this certificate under
- alt
Name string - alt
Names string - Alternative names to use, comma separated list.
- exclude
Cn booleanFrom Sans - Exclude common name from SAN
- ip
Sans string[] - ) A list of IP SANS to include
- other
Sans string[] - ) A list of other SANS to include
- pki
Cert stringId - triggers {[key: string]: string}
- ) An list of strings which when changes will trigger recreation of the resource
- ttl string
- The TTL, example
720hfor 1 month - uri
Sans string[] - ) A list of URI SANS to include
- common_
name str - The common name to use
- role str
- the Role to use as defined under a PKI Tenant resource
- tenant_
id str - The tenant ID to create this certificate under
- alt_
name str - alt_
names str - Alternative names to use, comma separated list.
- exclude_
cn_ boolfrom_ sans - Exclude common name from SAN
- ip_
sans Sequence[str] - ) A list of IP SANS to include
- other_
sans Sequence[str] - ) A list of other SANS to include
- pki_
cert_ strid - triggers Mapping[str, str]
- ) An list of strings which when changes will trigger recreation of the resource
- ttl str
- The TTL, example
720hfor 1 month - uri_
sans Sequence[str] - ) A list of URI SANS to include
- common
Name String - The common name to use
- role String
- the Role to use as defined under a PKI Tenant resource
- tenant
Id String - The tenant ID to create this certificate under
- alt
Name String - alt
Names String - Alternative names to use, comma separated list.
- exclude
Cn BooleanFrom Sans - Exclude common name from SAN
- ip
Sans List<String> - ) A list of IP SANS to include
- other
Sans List<String> - ) A list of other SANS to include
- pki
Cert StringId - triggers Map<String>
- ) An list of strings which when changes will trigger recreation of the resource
- ttl String
- The TTL, example
720hfor 1 month - uri
Sans List<String> - ) A list of URI SANS to include
Outputs
All input properties are implicitly available as output properties. Additionally, the PkiCert resource produces the following output properties:
- Ca
Chain stringPem - The full CA chain in PEM format
- Cert
Pem string - The certificate in PEM format
- Expiration double
- (int) The Unix timestamp when the certificate will expire
- Id string
- The provider-assigned unique ID for this managed resource.
- Issuing
Ca stringPem - The issuing CA certicate in PEM format
- Private
Key stringPem - The private key in PEM format
- Serial
Number string - The certificate serial number (equal to resource ID)
- Ca
Chain stringPem - The full CA chain in PEM format
- Cert
Pem string - The certificate in PEM format
- Expiration float64
- (int) The Unix timestamp when the certificate will expire
- Id string
- The provider-assigned unique ID for this managed resource.
- Issuing
Ca stringPem - The issuing CA certicate in PEM format
- Private
Key stringPem - The private key in PEM format
- Serial
Number string - The certificate serial number (equal to resource ID)
- ca
Chain StringPem - The full CA chain in PEM format
- cert
Pem String - The certificate in PEM format
- expiration Double
- (int) The Unix timestamp when the certificate will expire
- id String
- The provider-assigned unique ID for this managed resource.
- issuing
Ca StringPem - The issuing CA certicate in PEM format
- private
Key StringPem - The private key in PEM format
- serial
Number String - The certificate serial number (equal to resource ID)
- ca
Chain stringPem - The full CA chain in PEM format
- cert
Pem string - The certificate in PEM format
- expiration number
- (int) The Unix timestamp when the certificate will expire
- id string
- The provider-assigned unique ID for this managed resource.
- issuing
Ca stringPem - The issuing CA certicate in PEM format
- private
Key stringPem - The private key in PEM format
- serial
Number string - The certificate serial number (equal to resource ID)
- ca_
chain_ strpem - The full CA chain in PEM format
- cert_
pem str - The certificate in PEM format
- expiration float
- (int) The Unix timestamp when the certificate will expire
- id str
- The provider-assigned unique ID for this managed resource.
- issuing_
ca_ strpem - The issuing CA certicate in PEM format
- private_
key_ strpem - The private key in PEM format
- serial_
number str - The certificate serial number (equal to resource ID)
- ca
Chain StringPem - The full CA chain in PEM format
- cert
Pem String - The certificate in PEM format
- expiration Number
- (int) The Unix timestamp when the certificate will expire
- id String
- The provider-assigned unique ID for this managed resource.
- issuing
Ca StringPem - The issuing CA certicate in PEM format
- private
Key StringPem - The private key in PEM format
- serial
Number String - The certificate serial number (equal to resource ID)
Look up Existing PkiCert Resource
Get an existing PkiCert resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: PkiCertState, opts?: CustomResourceOptions): PkiCert@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
alt_name: Optional[str] = None,
alt_names: Optional[str] = None,
ca_chain_pem: Optional[str] = None,
cert_pem: Optional[str] = None,
common_name: Optional[str] = None,
exclude_cn_from_sans: Optional[bool] = None,
expiration: Optional[float] = None,
ip_sans: Optional[Sequence[str]] = None,
issuing_ca_pem: Optional[str] = None,
other_sans: Optional[Sequence[str]] = None,
pki_cert_id: Optional[str] = None,
private_key_pem: Optional[str] = None,
role: Optional[str] = None,
serial_number: Optional[str] = None,
tenant_id: Optional[str] = None,
triggers: Optional[Mapping[str, str]] = None,
ttl: Optional[str] = None,
uri_sans: Optional[Sequence[str]] = None) -> PkiCertfunc GetPkiCert(ctx *Context, name string, id IDInput, state *PkiCertState, opts ...ResourceOption) (*PkiCert, error)public static PkiCert Get(string name, Input<string> id, PkiCertState? state, CustomResourceOptions? opts = null)public static PkiCert get(String name, Output<String> id, PkiCertState state, CustomResourceOptions options)resources: _: type: hsdp:PkiCert get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Alt
Name string - Alt
Names string - Alternative names to use, comma separated list.
- Ca
Chain stringPem - The full CA chain in PEM format
- Cert
Pem string - The certificate in PEM format
- Common
Name string - The common name to use
- Exclude
Cn boolFrom Sans - Exclude common name from SAN
- Expiration double
- (int) The Unix timestamp when the certificate will expire
- Ip
Sans List<string> - ) A list of IP SANS to include
- Issuing
Ca stringPem - The issuing CA certicate in PEM format
- Other
Sans List<string> - ) A list of other SANS to include
- Pki
Cert stringId - Private
Key stringPem - The private key in PEM format
- Role string
- the Role to use as defined under a PKI Tenant resource
- Serial
Number string - The certificate serial number (equal to resource ID)
- Tenant
Id string - The tenant ID to create this certificate under
- Triggers Dictionary<string, string>
- ) An list of strings which when changes will trigger recreation of the resource
- Ttl string
- The TTL, example
720hfor 1 month - Uri
Sans List<string> - ) A list of URI SANS to include
- Alt
Name string - Alt
Names string - Alternative names to use, comma separated list.
- Ca
Chain stringPem - The full CA chain in PEM format
- Cert
Pem string - The certificate in PEM format
- Common
Name string - The common name to use
- Exclude
Cn boolFrom Sans - Exclude common name from SAN
- Expiration float64
- (int) The Unix timestamp when the certificate will expire
- Ip
Sans []string - ) A list of IP SANS to include
- Issuing
Ca stringPem - The issuing CA certicate in PEM format
- Other
Sans []string - ) A list of other SANS to include
- Pki
Cert stringId - Private
Key stringPem - The private key in PEM format
- Role string
- the Role to use as defined under a PKI Tenant resource
- Serial
Number string - The certificate serial number (equal to resource ID)
- Tenant
Id string - The tenant ID to create this certificate under
- Triggers map[string]string
- ) An list of strings which when changes will trigger recreation of the resource
- Ttl string
- The TTL, example
720hfor 1 month - Uri
Sans []string - ) A list of URI SANS to include
- alt
Name String - alt
Names String - Alternative names to use, comma separated list.
- ca
Chain StringPem - The full CA chain in PEM format
- cert
Pem String - The certificate in PEM format
- common
Name String - The common name to use
- exclude
Cn BooleanFrom Sans - Exclude common name from SAN
- expiration Double
- (int) The Unix timestamp when the certificate will expire
- ip
Sans List<String> - ) A list of IP SANS to include
- issuing
Ca StringPem - The issuing CA certicate in PEM format
- other
Sans List<String> - ) A list of other SANS to include
- pki
Cert StringId - private
Key StringPem - The private key in PEM format
- role String
- the Role to use as defined under a PKI Tenant resource
- serial
Number String - The certificate serial number (equal to resource ID)
- tenant
Id String - The tenant ID to create this certificate under
- triggers Map<String,String>
- ) An list of strings which when changes will trigger recreation of the resource
- ttl String
- The TTL, example
720hfor 1 month - uri
Sans List<String> - ) A list of URI SANS to include
- alt
Name string - alt
Names string - Alternative names to use, comma separated list.
- ca
Chain stringPem - The full CA chain in PEM format
- cert
Pem string - The certificate in PEM format
- common
Name string - The common name to use
- exclude
Cn booleanFrom Sans - Exclude common name from SAN
- expiration number
- (int) The Unix timestamp when the certificate will expire
- ip
Sans string[] - ) A list of IP SANS to include
- issuing
Ca stringPem - The issuing CA certicate in PEM format
- other
Sans string[] - ) A list of other SANS to include
- pki
Cert stringId - private
Key stringPem - The private key in PEM format
- role string
- the Role to use as defined under a PKI Tenant resource
- serial
Number string - The certificate serial number (equal to resource ID)
- tenant
Id string - The tenant ID to create this certificate under
- triggers {[key: string]: string}
- ) An list of strings which when changes will trigger recreation of the resource
- ttl string
- The TTL, example
720hfor 1 month - uri
Sans string[] - ) A list of URI SANS to include
- alt_
name str - alt_
names str - Alternative names to use, comma separated list.
- ca_
chain_ strpem - The full CA chain in PEM format
- cert_
pem str - The certificate in PEM format
- common_
name str - The common name to use
- exclude_
cn_ boolfrom_ sans - Exclude common name from SAN
- expiration float
- (int) The Unix timestamp when the certificate will expire
- ip_
sans Sequence[str] - ) A list of IP SANS to include
- issuing_
ca_ strpem - The issuing CA certicate in PEM format
- other_
sans Sequence[str] - ) A list of other SANS to include
- pki_
cert_ strid - private_
key_ strpem - The private key in PEM format
- role str
- the Role to use as defined under a PKI Tenant resource
- serial_
number str - The certificate serial number (equal to resource ID)
- tenant_
id str - The tenant ID to create this certificate under
- triggers Mapping[str, str]
- ) An list of strings which when changes will trigger recreation of the resource
- ttl str
- The TTL, example
720hfor 1 month - uri_
sans Sequence[str] - ) A list of URI SANS to include
- alt
Name String - alt
Names String - Alternative names to use, comma separated list.
- ca
Chain StringPem - The full CA chain in PEM format
- cert
Pem String - The certificate in PEM format
- common
Name String - The common name to use
- exclude
Cn BooleanFrom Sans - Exclude common name from SAN
- expiration Number
- (int) The Unix timestamp when the certificate will expire
- ip
Sans List<String> - ) A list of IP SANS to include
- issuing
Ca StringPem - The issuing CA certicate in PEM format
- other
Sans List<String> - ) A list of other SANS to include
- pki
Cert StringId - private
Key StringPem - The private key in PEM format
- role String
- the Role to use as defined under a PKI Tenant resource
- serial
Number String - The certificate serial number (equal to resource ID)
- tenant
Id String - The tenant ID to create this certificate under
- triggers Map<String>
- ) An list of strings which when changes will trigger recreation of the resource
- ttl String
- The TTL, example
720hfor 1 month - uri
Sans List<String> - ) A list of URI SANS to include
Import
ing
Importing a HSDP PKI certificate is supported but not recommended as the private key will be missing, rendering the resource more or less useless in most cases. You can import a certificate using the serial number
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- hsdp philips-software/terraform-provider-hsdp
- License
- Notes
- This Pulumi package is based on the
hsdpTerraform Provider.
hsdp 0.65.3 published on Tuesday, Apr 15, 2025 by philips-software