Docs Home
panos 2.0.0 published on Tuesday, Apr 15, 2025 by paloaltonetworks
panos.CertificateProfile
Explore with Pulumi AI
panos 2.0.0 published on Tuesday, Apr 15, 2025 by paloaltonetworks
Create CertificateProfile Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new CertificateProfile(name: string, args: CertificateProfileArgs, opts?: CustomResourceOptions);@overload
def CertificateProfile(resource_name: str,
args: CertificateProfileArgs,
opts: Optional[ResourceOptions] = None)
@overload
def CertificateProfile(resource_name: str,
opts: Optional[ResourceOptions] = None,
location: Optional[CertificateProfileLocationArgs] = None,
crl_receive_timeout: Optional[float] = None,
block_timeout_certificate: Optional[bool] = None,
block_unknown_certificate: Optional[bool] = None,
certificate_status_timeout: Optional[float] = None,
certificates: Optional[Sequence[CertificateProfileCertificateArgs]] = None,
block_expired_certificate: Optional[bool] = None,
domain: Optional[str] = None,
block_unauthenticated_certificate: Optional[bool] = None,
name: Optional[str] = None,
ocsp_exclude_nonce: Optional[bool] = None,
ocsp_receive_timeout: Optional[float] = None,
use_crl: Optional[bool] = None,
use_ocsp: Optional[bool] = None,
username_field: Optional[CertificateProfileUsernameFieldArgs] = None)func NewCertificateProfile(ctx *Context, name string, args CertificateProfileArgs, opts ...ResourceOption) (*CertificateProfile, error)public CertificateProfile(string name, CertificateProfileArgs args, CustomResourceOptions? opts = null)
public CertificateProfile(String name, CertificateProfileArgs args)
public CertificateProfile(String name, CertificateProfileArgs args, CustomResourceOptions options)
type: panos:CertificateProfile
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args CertificateProfileArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args CertificateProfileArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args CertificateProfileArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args CertificateProfileArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args CertificateProfileArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var certificateProfileResource = new Panos.CertificateProfile("certificateProfileResource", new()
{
Location = new Panos.Inputs.CertificateProfileLocationArgs
{
Panorama = null,
Shared = null,
Template = new Panos.Inputs.CertificateProfileLocationTemplateArgs
{
Name = "string",
PanoramaDevice = "string",
},
TemplateStack = new Panos.Inputs.CertificateProfileLocationTemplateStackArgs
{
Name = "string",
PanoramaDevice = "string",
},
TemplateStackVsys = new Panos.Inputs.CertificateProfileLocationTemplateStackVsysArgs
{
NgfwDevice = "string",
PanoramaDevice = "string",
TemplateStack = "string",
Vsys = "string",
},
TemplateVsys = new Panos.Inputs.CertificateProfileLocationTemplateVsysArgs
{
NgfwDevice = "string",
PanoramaDevice = "string",
Template = "string",
Vsys = "string",
},
},
CrlReceiveTimeout = 0,
BlockTimeoutCertificate = false,
BlockUnknownCertificate = false,
CertificateStatusTimeout = 0,
Certificates = new[]
{
new Panos.Inputs.CertificateProfileCertificateArgs
{
Name = "string",
DefaultOcspUrl = "string",
OcspVerifyCertificate = "string",
TemplateName = "string",
},
},
BlockExpiredCertificate = false,
Domain = "string",
BlockUnauthenticatedCertificate = false,
Name = "string",
OcspExcludeNonce = false,
OcspReceiveTimeout = 0,
UseCrl = false,
UseOcsp = false,
UsernameField = new Panos.Inputs.CertificateProfileUsernameFieldArgs
{
Subject = "string",
SubjectAlt = "string",
},
});
example, err := panos.NewCertificateProfile(ctx, "certificateProfileResource", &panos.CertificateProfileArgs{
Location: &panos.CertificateProfileLocationArgs{
Panorama: &panos.CertificateProfileLocationPanoramaArgs{},
Shared: &panos.CertificateProfileLocationSharedArgs{},
Template: &panos.CertificateProfileLocationTemplateArgs{
Name: pulumi.String("string"),
PanoramaDevice: pulumi.String("string"),
},
TemplateStack: &panos.CertificateProfileLocationTemplateStackArgs{
Name: pulumi.String("string"),
PanoramaDevice: pulumi.String("string"),
},
TemplateStackVsys: &panos.CertificateProfileLocationTemplateStackVsysArgs{
NgfwDevice: pulumi.String("string"),
PanoramaDevice: pulumi.String("string"),
TemplateStack: pulumi.String("string"),
Vsys: pulumi.String("string"),
},
TemplateVsys: &panos.CertificateProfileLocationTemplateVsysArgs{
NgfwDevice: pulumi.String("string"),
PanoramaDevice: pulumi.String("string"),
Template: pulumi.String("string"),
Vsys: pulumi.String("string"),
},
},
CrlReceiveTimeout: pulumi.Float64(0),
BlockTimeoutCertificate: pulumi.Bool(false),
BlockUnknownCertificate: pulumi.Bool(false),
CertificateStatusTimeout: pulumi.Float64(0),
Certificates: panos.CertificateProfileCertificateArray{
&panos.CertificateProfileCertificateArgs{
Name: pulumi.String("string"),
DefaultOcspUrl: pulumi.String("string"),
OcspVerifyCertificate: pulumi.String("string"),
TemplateName: pulumi.String("string"),
},
},
BlockExpiredCertificate: pulumi.Bool(false),
Domain: pulumi.String("string"),
BlockUnauthenticatedCertificate: pulumi.Bool(false),
Name: pulumi.String("string"),
OcspExcludeNonce: pulumi.Bool(false),
OcspReceiveTimeout: pulumi.Float64(0),
UseCrl: pulumi.Bool(false),
UseOcsp: pulumi.Bool(false),
UsernameField: &panos.CertificateProfileUsernameFieldArgs{
Subject: pulumi.String("string"),
SubjectAlt: pulumi.String("string"),
},
})
var certificateProfileResource = new CertificateProfile("certificateProfileResource", CertificateProfileArgs.builder()
.location(CertificateProfileLocationArgs.builder()
.panorama()
.shared()
.template(CertificateProfileLocationTemplateArgs.builder()
.name("string")
.panoramaDevice("string")
.build())
.templateStack(CertificateProfileLocationTemplateStackArgs.builder()
.name("string")
.panoramaDevice("string")
.build())
.templateStackVsys(CertificateProfileLocationTemplateStackVsysArgs.builder()
.ngfwDevice("string")
.panoramaDevice("string")
.templateStack("string")
.vsys("string")
.build())
.templateVsys(CertificateProfileLocationTemplateVsysArgs.builder()
.ngfwDevice("string")
.panoramaDevice("string")
.template("string")
.vsys("string")
.build())
.build())
.crlReceiveTimeout(0)
.blockTimeoutCertificate(false)
.blockUnknownCertificate(false)
.certificateStatusTimeout(0)
.certificates(CertificateProfileCertificateArgs.builder()
.name("string")
.defaultOcspUrl("string")
.ocspVerifyCertificate("string")
.templateName("string")
.build())
.blockExpiredCertificate(false)
.domain("string")
.blockUnauthenticatedCertificate(false)
.name("string")
.ocspExcludeNonce(false)
.ocspReceiveTimeout(0)
.useCrl(false)
.useOcsp(false)
.usernameField(CertificateProfileUsernameFieldArgs.builder()
.subject("string")
.subjectAlt("string")
.build())
.build());
certificate_profile_resource = panos.CertificateProfile("certificateProfileResource",
location={
"panorama": {},
"shared": {},
"template": {
"name": "string",
"panorama_device": "string",
},
"template_stack": {
"name": "string",
"panorama_device": "string",
},
"template_stack_vsys": {
"ngfw_device": "string",
"panorama_device": "string",
"template_stack": "string",
"vsys": "string",
},
"template_vsys": {
"ngfw_device": "string",
"panorama_device": "string",
"template": "string",
"vsys": "string",
},
},
crl_receive_timeout=0,
block_timeout_certificate=False,
block_unknown_certificate=False,
certificate_status_timeout=0,
certificates=[{
"name": "string",
"default_ocsp_url": "string",
"ocsp_verify_certificate": "string",
"template_name": "string",
}],
block_expired_certificate=False,
domain="string",
block_unauthenticated_certificate=False,
name="string",
ocsp_exclude_nonce=False,
ocsp_receive_timeout=0,
use_crl=False,
use_ocsp=False,
username_field={
"subject": "string",
"subject_alt": "string",
})
const certificateProfileResource = new panos.CertificateProfile("certificateProfileResource", {
location: {
panorama: {},
shared: {},
template: {
name: "string",
panoramaDevice: "string",
},
templateStack: {
name: "string",
panoramaDevice: "string",
},
templateStackVsys: {
ngfwDevice: "string",
panoramaDevice: "string",
templateStack: "string",
vsys: "string",
},
templateVsys: {
ngfwDevice: "string",
panoramaDevice: "string",
template: "string",
vsys: "string",
},
},
crlReceiveTimeout: 0,
blockTimeoutCertificate: false,
blockUnknownCertificate: false,
certificateStatusTimeout: 0,
certificates: [{
name: "string",
defaultOcspUrl: "string",
ocspVerifyCertificate: "string",
templateName: "string",
}],
blockExpiredCertificate: false,
domain: "string",
blockUnauthenticatedCertificate: false,
name: "string",
ocspExcludeNonce: false,
ocspReceiveTimeout: 0,
useCrl: false,
useOcsp: false,
usernameField: {
subject: "string",
subjectAlt: "string",
},
});
type: panos:CertificateProfile
properties:
blockExpiredCertificate: false
blockTimeoutCertificate: false
blockUnauthenticatedCertificate: false
blockUnknownCertificate: false
certificateStatusTimeout: 0
certificates:
- defaultOcspUrl: string
name: string
ocspVerifyCertificate: string
templateName: string
crlReceiveTimeout: 0
domain: string
location:
panorama: {}
shared: {}
template:
name: string
panoramaDevice: string
templateStack:
name: string
panoramaDevice: string
templateStackVsys:
ngfwDevice: string
panoramaDevice: string
templateStack: string
vsys: string
templateVsys:
ngfwDevice: string
panoramaDevice: string
template: string
vsys: string
name: string
ocspExcludeNonce: false
ocspReceiveTimeout: 0
useCrl: false
useOcsp: false
usernameField:
subject: string
subjectAlt: string
CertificateProfile Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The CertificateProfile resource accepts the following input properties:
- Location
Certificate
Profile Location - The location of this object.
- Block
Expired boolCertificate - Whether to block a session if certificate status is expired.
- Block
Timeout boolCertificate - Whether to block a session if cert. status can't be retrieved within timeout.
- Block
Unauthenticated boolCertificate - Whether to block session if the certificate was not issued to the authenticating device.
- Block
Unknown boolCertificate - Whether to block a session if cert. status is unknown.
- Certificate
Status doubleTimeout - Certificate status query timeout value in seconds.
- Certificates
List<Certificate
Profile Certificate> - CA Certificate to assign to the profile.
- Crl
Receive doubleTimeout - CRL receive timeout value in seconds.
- Domain string
- NetBIOS domain so the PAN-OS software can map users through User-ID.
- Name string
- Ocsp
Exclude boolNonce - Whether to exclude nonce extension for OCSP requests.
- Ocsp
Receive doubleTimeout - OCSP receive timeout value in seconds.
- Use
Crl bool - Enable use of CRL to verify the revocation status of certificates.
- Use
Ocsp bool - Enable use of OCSP to verify the revocation status of certificates.
- Username
Field CertificateProfile Username Field
- Location
Certificate
Profile Location Args - The location of this object.
- Block
Expired boolCertificate - Whether to block a session if certificate status is expired.
- Block
Timeout boolCertificate - Whether to block a session if cert. status can't be retrieved within timeout.
- Block
Unauthenticated boolCertificate - Whether to block session if the certificate was not issued to the authenticating device.
- Block
Unknown boolCertificate - Whether to block a session if cert. status is unknown.
- Certificate
Status float64Timeout - Certificate status query timeout value in seconds.
- Certificates
[]Certificate
Profile Certificate Args - CA Certificate to assign to the profile.
- Crl
Receive float64Timeout - CRL receive timeout value in seconds.
- Domain string
- NetBIOS domain so the PAN-OS software can map users through User-ID.
- Name string
- Ocsp
Exclude boolNonce - Whether to exclude nonce extension for OCSP requests.
- Ocsp
Receive float64Timeout - OCSP receive timeout value in seconds.
- Use
Crl bool - Enable use of CRL to verify the revocation status of certificates.
- Use
Ocsp bool - Enable use of OCSP to verify the revocation status of certificates.
- Username
Field CertificateProfile Username Field Args
- location
Certificate
Profile Location - The location of this object.
- block
Expired BooleanCertificate - Whether to block a session if certificate status is expired.
- block
Timeout BooleanCertificate - Whether to block a session if cert. status can't be retrieved within timeout.
- block
Unauthenticated BooleanCertificate - Whether to block session if the certificate was not issued to the authenticating device.
- block
Unknown BooleanCertificate - Whether to block a session if cert. status is unknown.
- certificate
Status DoubleTimeout - Certificate status query timeout value in seconds.
- certificates
List<Certificate
Profile Certificate> - CA Certificate to assign to the profile.
- crl
Receive DoubleTimeout - CRL receive timeout value in seconds.
- domain String
- NetBIOS domain so the PAN-OS software can map users through User-ID.
- name String
- ocsp
Exclude BooleanNonce - Whether to exclude nonce extension for OCSP requests.
- ocsp
Receive DoubleTimeout - OCSP receive timeout value in seconds.
- use
Crl Boolean - Enable use of CRL to verify the revocation status of certificates.
- use
Ocsp Boolean - Enable use of OCSP to verify the revocation status of certificates.
- username
Field CertificateProfile Username Field
- location
Certificate
Profile Location - The location of this object.
- block
Expired booleanCertificate - Whether to block a session if certificate status is expired.
- block
Timeout booleanCertificate - Whether to block a session if cert. status can't be retrieved within timeout.
- block
Unauthenticated booleanCertificate - Whether to block session if the certificate was not issued to the authenticating device.
- block
Unknown booleanCertificate - Whether to block a session if cert. status is unknown.
- certificate
Status numberTimeout - Certificate status query timeout value in seconds.
- certificates
Certificate
Profile Certificate[] - CA Certificate to assign to the profile.
- crl
Receive numberTimeout - CRL receive timeout value in seconds.
- domain string
- NetBIOS domain so the PAN-OS software can map users through User-ID.
- name string
- ocsp
Exclude booleanNonce - Whether to exclude nonce extension for OCSP requests.
- ocsp
Receive numberTimeout - OCSP receive timeout value in seconds.
- use
Crl boolean - Enable use of CRL to verify the revocation status of certificates.
- use
Ocsp boolean - Enable use of OCSP to verify the revocation status of certificates.
- username
Field CertificateProfile Username Field
- location
Certificate
Profile Location Args - The location of this object.
- block_
expired_ boolcertificate - Whether to block a session if certificate status is expired.
- block_
timeout_ boolcertificate - Whether to block a session if cert. status can't be retrieved within timeout.
- block_
unauthenticated_ boolcertificate - Whether to block session if the certificate was not issued to the authenticating device.
- block_
unknown_ boolcertificate - Whether to block a session if cert. status is unknown.
- certificate_
status_ floattimeout - Certificate status query timeout value in seconds.
- certificates
Sequence[Certificate
Profile Certificate Args] - CA Certificate to assign to the profile.
- crl_
receive_ floattimeout - CRL receive timeout value in seconds.
- domain str
- NetBIOS domain so the PAN-OS software can map users through User-ID.
- name str
- ocsp_
exclude_ boolnonce - Whether to exclude nonce extension for OCSP requests.
- ocsp_
receive_ floattimeout - OCSP receive timeout value in seconds.
- use_
crl bool - Enable use of CRL to verify the revocation status of certificates.
- use_
ocsp bool - Enable use of OCSP to verify the revocation status of certificates.
- username_
field CertificateProfile Username Field Args
- location Property Map
- The location of this object.
- block
Expired BooleanCertificate - Whether to block a session if certificate status is expired.
- block
Timeout BooleanCertificate - Whether to block a session if cert. status can't be retrieved within timeout.
- block
Unauthenticated BooleanCertificate - Whether to block session if the certificate was not issued to the authenticating device.
- block
Unknown BooleanCertificate - Whether to block a session if cert. status is unknown.
- certificate
Status NumberTimeout - Certificate status query timeout value in seconds.
- certificates List<Property Map>
- CA Certificate to assign to the profile.
- crl
Receive NumberTimeout - CRL receive timeout value in seconds.
- domain String
- NetBIOS domain so the PAN-OS software can map users through User-ID.
- name String
- ocsp
Exclude BooleanNonce - Whether to exclude nonce extension for OCSP requests.
- ocsp
Receive NumberTimeout - OCSP receive timeout value in seconds.
- use
Crl Boolean - Enable use of CRL to verify the revocation status of certificates.
- use
Ocsp Boolean - Enable use of OCSP to verify the revocation status of certificates.
- username
Field Property Map
Outputs
All input properties are implicitly available as output properties. Additionally, the CertificateProfile resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing CertificateProfile Resource
Get an existing CertificateProfile resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: CertificateProfileState, opts?: CustomResourceOptions): CertificateProfile@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
block_expired_certificate: Optional[bool] = None,
block_timeout_certificate: Optional[bool] = None,
block_unauthenticated_certificate: Optional[bool] = None,
block_unknown_certificate: Optional[bool] = None,
certificate_status_timeout: Optional[float] = None,
certificates: Optional[Sequence[CertificateProfileCertificateArgs]] = None,
crl_receive_timeout: Optional[float] = None,
domain: Optional[str] = None,
location: Optional[CertificateProfileLocationArgs] = None,
name: Optional[str] = None,
ocsp_exclude_nonce: Optional[bool] = None,
ocsp_receive_timeout: Optional[float] = None,
use_crl: Optional[bool] = None,
use_ocsp: Optional[bool] = None,
username_field: Optional[CertificateProfileUsernameFieldArgs] = None) -> CertificateProfilefunc GetCertificateProfile(ctx *Context, name string, id IDInput, state *CertificateProfileState, opts ...ResourceOption) (*CertificateProfile, error)public static CertificateProfile Get(string name, Input<string> id, CertificateProfileState? state, CustomResourceOptions? opts = null)public static CertificateProfile get(String name, Output<String> id, CertificateProfileState state, CustomResourceOptions options)resources: _: type: panos:CertificateProfile get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Block
Expired boolCertificate - Whether to block a session if certificate status is expired.
- Block
Timeout boolCertificate - Whether to block a session if cert. status can't be retrieved within timeout.
- Block
Unauthenticated boolCertificate - Whether to block session if the certificate was not issued to the authenticating device.
- Block
Unknown boolCertificate - Whether to block a session if cert. status is unknown.
- Certificate
Status doubleTimeout - Certificate status query timeout value in seconds.
- Certificates
List<Certificate
Profile Certificate> - CA Certificate to assign to the profile.
- Crl
Receive doubleTimeout - CRL receive timeout value in seconds.
- Domain string
- NetBIOS domain so the PAN-OS software can map users through User-ID.
- Location
Certificate
Profile Location - The location of this object.
- Name string
- Ocsp
Exclude boolNonce - Whether to exclude nonce extension for OCSP requests.
- Ocsp
Receive doubleTimeout - OCSP receive timeout value in seconds.
- Use
Crl bool - Enable use of CRL to verify the revocation status of certificates.
- Use
Ocsp bool - Enable use of OCSP to verify the revocation status of certificates.
- Username
Field CertificateProfile Username Field
- Block
Expired boolCertificate - Whether to block a session if certificate status is expired.
- Block
Timeout boolCertificate - Whether to block a session if cert. status can't be retrieved within timeout.
- Block
Unauthenticated boolCertificate - Whether to block session if the certificate was not issued to the authenticating device.
- Block
Unknown boolCertificate - Whether to block a session if cert. status is unknown.
- Certificate
Status float64Timeout - Certificate status query timeout value in seconds.
- Certificates
[]Certificate
Profile Certificate Args - CA Certificate to assign to the profile.
- Crl
Receive float64Timeout - CRL receive timeout value in seconds.
- Domain string
- NetBIOS domain so the PAN-OS software can map users through User-ID.
- Location
Certificate
Profile Location Args - The location of this object.
- Name string
- Ocsp
Exclude boolNonce - Whether to exclude nonce extension for OCSP requests.
- Ocsp
Receive float64Timeout - OCSP receive timeout value in seconds.
- Use
Crl bool - Enable use of CRL to verify the revocation status of certificates.
- Use
Ocsp bool - Enable use of OCSP to verify the revocation status of certificates.
- Username
Field CertificateProfile Username Field Args
- block
Expired BooleanCertificate - Whether to block a session if certificate status is expired.
- block
Timeout BooleanCertificate - Whether to block a session if cert. status can't be retrieved within timeout.
- block
Unauthenticated BooleanCertificate - Whether to block session if the certificate was not issued to the authenticating device.
- block
Unknown BooleanCertificate - Whether to block a session if cert. status is unknown.
- certificate
Status DoubleTimeout - Certificate status query timeout value in seconds.
- certificates
List<Certificate
Profile Certificate> - CA Certificate to assign to the profile.
- crl
Receive DoubleTimeout - CRL receive timeout value in seconds.
- domain String
- NetBIOS domain so the PAN-OS software can map users through User-ID.
- location
Certificate
Profile Location - The location of this object.
- name String
- ocsp
Exclude BooleanNonce - Whether to exclude nonce extension for OCSP requests.
- ocsp
Receive DoubleTimeout - OCSP receive timeout value in seconds.
- use
Crl Boolean - Enable use of CRL to verify the revocation status of certificates.
- use
Ocsp Boolean - Enable use of OCSP to verify the revocation status of certificates.
- username
Field CertificateProfile Username Field
- block
Expired booleanCertificate - Whether to block a session if certificate status is expired.
- block
Timeout booleanCertificate - Whether to block a session if cert. status can't be retrieved within timeout.
- block
Unauthenticated booleanCertificate - Whether to block session if the certificate was not issued to the authenticating device.
- block
Unknown booleanCertificate - Whether to block a session if cert. status is unknown.
- certificate
Status numberTimeout - Certificate status query timeout value in seconds.
- certificates
Certificate
Profile Certificate[] - CA Certificate to assign to the profile.
- crl
Receive numberTimeout - CRL receive timeout value in seconds.
- domain string
- NetBIOS domain so the PAN-OS software can map users through User-ID.
- location
Certificate
Profile Location - The location of this object.
- name string
- ocsp
Exclude booleanNonce - Whether to exclude nonce extension for OCSP requests.
- ocsp
Receive numberTimeout - OCSP receive timeout value in seconds.
- use
Crl boolean - Enable use of CRL to verify the revocation status of certificates.
- use
Ocsp boolean - Enable use of OCSP to verify the revocation status of certificates.
- username
Field CertificateProfile Username Field
- block_
expired_ boolcertificate - Whether to block a session if certificate status is expired.
- block_
timeout_ boolcertificate - Whether to block a session if cert. status can't be retrieved within timeout.
- block_
unauthenticated_ boolcertificate - Whether to block session if the certificate was not issued to the authenticating device.
- block_
unknown_ boolcertificate - Whether to block a session if cert. status is unknown.
- certificate_
status_ floattimeout - Certificate status query timeout value in seconds.
- certificates
Sequence[Certificate
Profile Certificate Args] - CA Certificate to assign to the profile.
- crl_
receive_ floattimeout - CRL receive timeout value in seconds.
- domain str
- NetBIOS domain so the PAN-OS software can map users through User-ID.
- location
Certificate
Profile Location Args - The location of this object.
- name str
- ocsp_
exclude_ boolnonce - Whether to exclude nonce extension for OCSP requests.
- ocsp_
receive_ floattimeout - OCSP receive timeout value in seconds.
- use_
crl bool - Enable use of CRL to verify the revocation status of certificates.
- use_
ocsp bool - Enable use of OCSP to verify the revocation status of certificates.
- username_
field CertificateProfile Username Field Args
- block
Expired BooleanCertificate - Whether to block a session if certificate status is expired.
- block
Timeout BooleanCertificate - Whether to block a session if cert. status can't be retrieved within timeout.
- block
Unauthenticated BooleanCertificate - Whether to block session if the certificate was not issued to the authenticating device.
- block
Unknown BooleanCertificate - Whether to block a session if cert. status is unknown.
- certificate
Status NumberTimeout - Certificate status query timeout value in seconds.
- certificates List<Property Map>
- CA Certificate to assign to the profile.
- crl
Receive NumberTimeout - CRL receive timeout value in seconds.
- domain String
- NetBIOS domain so the PAN-OS software can map users through User-ID.
- location Property Map
- The location of this object.
- name String
- ocsp
Exclude BooleanNonce - Whether to exclude nonce extension for OCSP requests.
- ocsp
Receive NumberTimeout - OCSP receive timeout value in seconds.
- use
Crl Boolean - Enable use of CRL to verify the revocation status of certificates.
- use
Ocsp Boolean - Enable use of OCSP to verify the revocation status of certificates.
- username
Field Property Map
Supporting Types
CertificateProfileCertificate, CertificateProfileCertificateArgs
- Name string
- Default
Ocsp stringUrl - Default URL for ocsp verification.
- Ocsp
Verify stringCertificate - Certificate to verify signature in OCSP response.
- Template
Name string - Certificate Template Name / OID for the certificate
- Name string
- Default
Ocsp stringUrl - Default URL for ocsp verification.
- Ocsp
Verify stringCertificate - Certificate to verify signature in OCSP response.
- Template
Name string - Certificate Template Name / OID for the certificate
- name String
- default
Ocsp StringUrl - Default URL for ocsp verification.
- ocsp
Verify StringCertificate - Certificate to verify signature in OCSP response.
- template
Name String - Certificate Template Name / OID for the certificate
- name string
- default
Ocsp stringUrl - Default URL for ocsp verification.
- ocsp
Verify stringCertificate - Certificate to verify signature in OCSP response.
- template
Name string - Certificate Template Name / OID for the certificate
- name str
- default_
ocsp_ strurl - Default URL for ocsp verification.
- ocsp_
verify_ strcertificate - Certificate to verify signature in OCSP response.
- template_
name str - Certificate Template Name / OID for the certificate
- name String
- default
Ocsp StringUrl - Default URL for ocsp verification.
- ocsp
Verify StringCertificate - Certificate to verify signature in OCSP response.
- template
Name String - Certificate Template Name / OID for the certificate
CertificateProfileLocation, CertificateProfileLocationArgs
- Panorama
Certificate
Profile Location Panorama - Located in a panorama.
-
Certificate
Profile Location Shared - Located in shared.
- Template
Certificate
Profile Location Template - Located in a specific template.
- Template
Stack CertificateProfile Location Template Stack - Located in a specific template stack.
- Template
Stack CertificateVsys Profile Location Template Stack Vsys - Located in a specific template stack, device and vsys.
- Template
Vsys CertificateProfile Location Template Vsys - Located in a specific template, device and vsys.
- Panorama
Certificate
Profile Location Panorama - Located in a panorama.
-
Certificate
Profile Location Shared - Located in shared.
- Template
Certificate
Profile Location Template - Located in a specific template.
- Template
Stack CertificateProfile Location Template Stack - Located in a specific template stack.
- Template
Stack CertificateVsys Profile Location Template Stack Vsys - Located in a specific template stack, device and vsys.
- Template
Vsys CertificateProfile Location Template Vsys - Located in a specific template, device and vsys.
- panorama
Certificate
Profile Location Panorama - Located in a panorama.
-
Certificate
Profile Location Shared - Located in shared.
- template
Certificate
Profile Location Template - Located in a specific template.
- template
Stack CertificateProfile Location Template Stack - Located in a specific template stack.
- template
Stack CertificateVsys Profile Location Template Stack Vsys - Located in a specific template stack, device and vsys.
- template
Vsys CertificateProfile Location Template Vsys - Located in a specific template, device and vsys.
- panorama
Certificate
Profile Location Panorama - Located in a panorama.
-
Certificate
Profile Location Shared - Located in shared.
- template
Certificate
Profile Location Template - Located in a specific template.
- template
Stack CertificateProfile Location Template Stack - Located in a specific template stack.
- template
Stack CertificateVsys Profile Location Template Stack Vsys - Located in a specific template stack, device and vsys.
- template
Vsys CertificateProfile Location Template Vsys - Located in a specific template, device and vsys.
- panorama
Certificate
Profile Location Panorama - Located in a panorama.
-
Certificate
Profile Location Shared - Located in shared.
- template
Certificate
Profile Location Template - Located in a specific template.
- template_
stack CertificateProfile Location Template Stack - Located in a specific template stack.
- template_
stack_ Certificatevsys Profile Location Template Stack Vsys - Located in a specific template stack, device and vsys.
- template_
vsys CertificateProfile Location Template Vsys - Located in a specific template, device and vsys.
- panorama Property Map
- Located in a panorama.
- Property Map
- Located in shared.
- template Property Map
- Located in a specific template.
- template
Stack Property Map - Located in a specific template stack.
- template
Stack Property MapVsys - Located in a specific template stack, device and vsys.
- template
Vsys Property Map - Located in a specific template, device and vsys.
CertificateProfileLocationTemplate, CertificateProfileLocationTemplateArgs
- Name string
- The template.
- Panorama
Device string - The panorama device.
- Name string
- The template.
- Panorama
Device string - The panorama device.
- name String
- The template.
- panorama
Device String - The panorama device.
- name string
- The template.
- panorama
Device string - The panorama device.
- name str
- The template.
- panorama_
device str - The panorama device.
- name String
- The template.
- panorama
Device String - The panorama device.
CertificateProfileLocationTemplateStack, CertificateProfileLocationTemplateStackArgs
- Name string
- The template stack.
- Panorama
Device string - The panorama device.
- Name string
- The template stack.
- Panorama
Device string - The panorama device.
- name String
- The template stack.
- panorama
Device String - The panorama device.
- name string
- The template stack.
- panorama
Device string - The panorama device.
- name str
- The template stack.
- panorama_
device str - The panorama device.
- name String
- The template stack.
- panorama
Device String - The panorama device.
CertificateProfileLocationTemplateStackVsys, CertificateProfileLocationTemplateStackVsysArgs
- Ngfw
Device string - The NGFW device.
- Panorama
Device string - The panorama device.
- Template
Stack string - The template stack.
- Vsys string
- The vsys.
- Ngfw
Device string - The NGFW device.
- Panorama
Device string - The panorama device.
- Template
Stack string - The template stack.
- Vsys string
- The vsys.
- ngfw
Device String - The NGFW device.
- panorama
Device String - The panorama device.
- template
Stack String - The template stack.
- vsys String
- The vsys.
- ngfw
Device string - The NGFW device.
- panorama
Device string - The panorama device.
- template
Stack string - The template stack.
- vsys string
- The vsys.
- ngfw_
device str - The NGFW device.
- panorama_
device str - The panorama device.
- template_
stack str - The template stack.
- vsys str
- The vsys.
- ngfw
Device String - The NGFW device.
- panorama
Device String - The panorama device.
- template
Stack String - The template stack.
- vsys String
- The vsys.
CertificateProfileLocationTemplateVsys, CertificateProfileLocationTemplateVsysArgs
- Ngfw
Device string - The NGFW device.
- Panorama
Device string - The panorama device.
- Template string
- The template.
- Vsys string
- The vsys.
- Ngfw
Device string - The NGFW device.
- Panorama
Device string - The panorama device.
- Template string
- The template.
- Vsys string
- The vsys.
- ngfw
Device String - The NGFW device.
- panorama
Device String - The panorama device.
- template String
- The template.
- vsys String
- The vsys.
- ngfw
Device string - The NGFW device.
- panorama
Device string - The panorama device.
- template string
- The template.
- vsys string
- The vsys.
- ngfw_
device str - The NGFW device.
- panorama_
device str - The panorama device.
- template str
- The template.
- vsys str
- The vsys.
- ngfw
Device String - The NGFW device.
- panorama
Device String - The panorama device.
- template String
- The template.
- vsys String
- The vsys.
CertificateProfileUsernameField, CertificateProfileUsernameFieldArgs
- Subject string
- The common name.
- Subject
Alt string - The Email or Principal Name.
- Subject string
- The common name.
- Subject
Alt string - The Email or Principal Name.
- subject String
- The common name.
- subject
Alt String - The Email or Principal Name.
- subject string
- The common name.
- subject
Alt string - The Email or Principal Name.
- subject str
- The common name.
- subject_
alt str - The Email or Principal Name.
- subject String
- The common name.
- subject
Alt String - The Email or Principal Name.
Package Details
- Repository
- panos paloaltonetworks/terraform-provider-panos
- License
- Notes
- This Pulumi package is based on the
panosTerraform Provider.
panos 2.0.0 published on Tuesday, Apr 15, 2025 by paloaltonetworks