1. Packages
  2. Venafi
  3. API Docs
  4. Certificate
Venafi v1.7.0 published on Wednesday, Feb 28, 2024 by Pulumi

venafi.Certificate

Explore with Pulumi AI

venafi logo
Venafi v1.7.0 published on Wednesday, Feb 28, 2024 by Pulumi

    Create Certificate Resource

    new Certificate(name: string, args: CertificateArgs, opts?: CustomResourceOptions);
    @overload
    def Certificate(resource_name: str,
                    opts: Optional[ResourceOptions] = None,
                    algorithm: Optional[str] = None,
                    certificate_dn: Optional[str] = None,
                    common_name: Optional[str] = None,
                    csr_origin: Optional[str] = None,
                    csr_pem: Optional[str] = None,
                    custom_fields: Optional[Mapping[str, str]] = None,
                    ecdsa_curve: Optional[str] = None,
                    expiration_window: Optional[int] = None,
                    issuer_hint: Optional[str] = None,
                    key_password: Optional[str] = None,
                    nickname: Optional[str] = None,
                    pkcs12: Optional[str] = None,
                    private_key_pem: Optional[str] = None,
                    rsa_bits: Optional[int] = None,
                    san_dns: Optional[Sequence[str]] = None,
                    san_emails: Optional[Sequence[str]] = None,
                    san_ips: Optional[Sequence[str]] = None,
                    san_uris: Optional[Sequence[str]] = None,
                    valid_days: Optional[int] = None)
    @overload
    def Certificate(resource_name: str,
                    args: CertificateArgs,
                    opts: Optional[ResourceOptions] = None)
    func NewCertificate(ctx *Context, name string, args CertificateArgs, opts ...ResourceOption) (*Certificate, error)
    public Certificate(string name, CertificateArgs args, CustomResourceOptions? opts = null)
    public Certificate(String name, CertificateArgs args)
    public Certificate(String name, CertificateArgs args, CustomResourceOptions options)
    
    type: venafi:Certificate
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args CertificateArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args CertificateArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args CertificateArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args CertificateArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args CertificateArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Certificate Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The Certificate resource accepts the following input properties:

    CommonName string
    The common name of the certificate.
    Algorithm string
    Key encryption algorithm, either RSA or ECDSA. Defaults to RSA.
    CertificateDn string
    CsrOrigin string
    Whether key-pair generation will be local or service generated. Default is local.
    CsrPem string
    CustomFields Dictionary<string, string>
    Collection of Custom Field name-value pairs to assign to the certificate.
    EcdsaCurve string
    ECDSA curve to use when generating a key
    ExpirationWindow int
    Number of hours before certificate expiry to request a new certificate. Defaults to 168.
    IssuerHint string
    Used with valid_days to indicate the target issuer when using Trust Protection Platform. Relevant values are: "DigiCert", "Entrust", and "Microsoft".
    KeyPassword string
    The password used to encrypt the private key.
    Nickname string
    Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for TPP.
    Pkcs12 string
    A base64-encoded PKCS#12 keystore secured by the key_password. Useful when working with resources like azurerm_key_vault_certificate.
    PrivateKeyPem string
    The private key in PEM format.
    RsaBits int
    Number of bits to use when generating an RSA key. Applies when algorithm=RSA. Defaults to 2048.
    SanDns List<string>
    List of DNS names to use as alternative subjects of the certificate.
    SanEmails List<string>
    List of email addresses to use as alternative subjects of the certificate.
    SanIps List<string>
    List of IP addresses to use as alternative subjects of the certificate.
    SanUris List<string>
    List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
    ValidDays int
    Desired number of days for which the new certificate will be valid.
    CommonName string
    The common name of the certificate.
    Algorithm string
    Key encryption algorithm, either RSA or ECDSA. Defaults to RSA.
    CertificateDn string
    CsrOrigin string
    Whether key-pair generation will be local or service generated. Default is local.
    CsrPem string
    CustomFields map[string]string
    Collection of Custom Field name-value pairs to assign to the certificate.
    EcdsaCurve string
    ECDSA curve to use when generating a key
    ExpirationWindow int
    Number of hours before certificate expiry to request a new certificate. Defaults to 168.
    IssuerHint string
    Used with valid_days to indicate the target issuer when using Trust Protection Platform. Relevant values are: "DigiCert", "Entrust", and "Microsoft".
    KeyPassword string
    The password used to encrypt the private key.
    Nickname string
    Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for TPP.
    Pkcs12 string
    A base64-encoded PKCS#12 keystore secured by the key_password. Useful when working with resources like azurerm_key_vault_certificate.
    PrivateKeyPem string
    The private key in PEM format.
    RsaBits int
    Number of bits to use when generating an RSA key. Applies when algorithm=RSA. Defaults to 2048.
    SanDns []string
    List of DNS names to use as alternative subjects of the certificate.
    SanEmails []string
    List of email addresses to use as alternative subjects of the certificate.
    SanIps []string
    List of IP addresses to use as alternative subjects of the certificate.
    SanUris []string
    List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
    ValidDays int
    Desired number of days for which the new certificate will be valid.
    commonName String
    The common name of the certificate.
    algorithm String
    Key encryption algorithm, either RSA or ECDSA. Defaults to RSA.
    certificateDn String
    csrOrigin String
    Whether key-pair generation will be local or service generated. Default is local.
    csrPem String
    customFields Map<String,String>
    Collection of Custom Field name-value pairs to assign to the certificate.
    ecdsaCurve String
    ECDSA curve to use when generating a key
    expirationWindow Integer
    Number of hours before certificate expiry to request a new certificate. Defaults to 168.
    issuerHint String
    Used with valid_days to indicate the target issuer when using Trust Protection Platform. Relevant values are: "DigiCert", "Entrust", and "Microsoft".
    keyPassword String
    The password used to encrypt the private key.
    nickname String
    Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for TPP.
    pkcs12 String
    A base64-encoded PKCS#12 keystore secured by the key_password. Useful when working with resources like azurerm_key_vault_certificate.
    privateKeyPem String
    The private key in PEM format.
    rsaBits Integer
    Number of bits to use when generating an RSA key. Applies when algorithm=RSA. Defaults to 2048.
    sanDns List<String>
    List of DNS names to use as alternative subjects of the certificate.
    sanEmails List<String>
    List of email addresses to use as alternative subjects of the certificate.
    sanIps List<String>
    List of IP addresses to use as alternative subjects of the certificate.
    sanUris List<String>
    List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
    validDays Integer
    Desired number of days for which the new certificate will be valid.
    commonName string
    The common name of the certificate.
    algorithm string
    Key encryption algorithm, either RSA or ECDSA. Defaults to RSA.
    certificateDn string
    csrOrigin string
    Whether key-pair generation will be local or service generated. Default is local.
    csrPem string
    customFields {[key: string]: string}
    Collection of Custom Field name-value pairs to assign to the certificate.
    ecdsaCurve string
    ECDSA curve to use when generating a key
    expirationWindow number
    Number of hours before certificate expiry to request a new certificate. Defaults to 168.
    issuerHint string
    Used with valid_days to indicate the target issuer when using Trust Protection Platform. Relevant values are: "DigiCert", "Entrust", and "Microsoft".
    keyPassword string
    The password used to encrypt the private key.
    nickname string
    Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for TPP.
    pkcs12 string
    A base64-encoded PKCS#12 keystore secured by the key_password. Useful when working with resources like azurerm_key_vault_certificate.
    privateKeyPem string
    The private key in PEM format.
    rsaBits number
    Number of bits to use when generating an RSA key. Applies when algorithm=RSA. Defaults to 2048.
    sanDns string[]
    List of DNS names to use as alternative subjects of the certificate.
    sanEmails string[]
    List of email addresses to use as alternative subjects of the certificate.
    sanIps string[]
    List of IP addresses to use as alternative subjects of the certificate.
    sanUris string[]
    List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
    validDays number
    Desired number of days for which the new certificate will be valid.
    common_name str
    The common name of the certificate.
    algorithm str
    Key encryption algorithm, either RSA or ECDSA. Defaults to RSA.
    certificate_dn str
    csr_origin str
    Whether key-pair generation will be local or service generated. Default is local.
    csr_pem str
    custom_fields Mapping[str, str]
    Collection of Custom Field name-value pairs to assign to the certificate.
    ecdsa_curve str
    ECDSA curve to use when generating a key
    expiration_window int
    Number of hours before certificate expiry to request a new certificate. Defaults to 168.
    issuer_hint str
    Used with valid_days to indicate the target issuer when using Trust Protection Platform. Relevant values are: "DigiCert", "Entrust", and "Microsoft".
    key_password str
    The password used to encrypt the private key.
    nickname str
    Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for TPP.
    pkcs12 str
    A base64-encoded PKCS#12 keystore secured by the key_password. Useful when working with resources like azurerm_key_vault_certificate.
    private_key_pem str
    The private key in PEM format.
    rsa_bits int
    Number of bits to use when generating an RSA key. Applies when algorithm=RSA. Defaults to 2048.
    san_dns Sequence[str]
    List of DNS names to use as alternative subjects of the certificate.
    san_emails Sequence[str]
    List of email addresses to use as alternative subjects of the certificate.
    san_ips Sequence[str]
    List of IP addresses to use as alternative subjects of the certificate.
    san_uris Sequence[str]
    List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
    valid_days int
    Desired number of days for which the new certificate will be valid.
    commonName String
    The common name of the certificate.
    algorithm String
    Key encryption algorithm, either RSA or ECDSA. Defaults to RSA.
    certificateDn String
    csrOrigin String
    Whether key-pair generation will be local or service generated. Default is local.
    csrPem String
    customFields Map<String>
    Collection of Custom Field name-value pairs to assign to the certificate.
    ecdsaCurve String
    ECDSA curve to use when generating a key
    expirationWindow Number
    Number of hours before certificate expiry to request a new certificate. Defaults to 168.
    issuerHint String
    Used with valid_days to indicate the target issuer when using Trust Protection Platform. Relevant values are: "DigiCert", "Entrust", and "Microsoft".
    keyPassword String
    The password used to encrypt the private key.
    nickname String
    Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for TPP.
    pkcs12 String
    A base64-encoded PKCS#12 keystore secured by the key_password. Useful when working with resources like azurerm_key_vault_certificate.
    privateKeyPem String
    The private key in PEM format.
    rsaBits Number
    Number of bits to use when generating an RSA key. Applies when algorithm=RSA. Defaults to 2048.
    sanDns List<String>
    List of DNS names to use as alternative subjects of the certificate.
    sanEmails List<String>
    List of email addresses to use as alternative subjects of the certificate.
    sanIps List<String>
    List of IP addresses to use as alternative subjects of the certificate.
    sanUris List<String>
    List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
    validDays Number
    Desired number of days for which the new certificate will be valid.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Certificate resource produces the following output properties:

    CertificateDetails string
    The X509 certificate in PEM format.
    Chain string
    The trust chain of X509 certificate authority certificates in PEM format concatenated together.
    Id string
    The provider-assigned unique ID for this managed resource.
    Certificate string
    The X509 certificate in PEM format.
    Chain string
    The trust chain of X509 certificate authority certificates in PEM format concatenated together.
    Id string
    The provider-assigned unique ID for this managed resource.
    certificate String
    The X509 certificate in PEM format.
    chain String
    The trust chain of X509 certificate authority certificates in PEM format concatenated together.
    id String
    The provider-assigned unique ID for this managed resource.
    certificate string
    The X509 certificate in PEM format.
    chain string
    The trust chain of X509 certificate authority certificates in PEM format concatenated together.
    id string
    The provider-assigned unique ID for this managed resource.
    certificate str
    The X509 certificate in PEM format.
    chain str
    The trust chain of X509 certificate authority certificates in PEM format concatenated together.
    id str
    The provider-assigned unique ID for this managed resource.
    certificate String
    The X509 certificate in PEM format.
    chain String
    The trust chain of X509 certificate authority certificates in PEM format concatenated together.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing Certificate Resource

    Get an existing Certificate resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: CertificateState, opts?: CustomResourceOptions): Certificate
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            algorithm: Optional[str] = None,
            certificate: Optional[str] = None,
            certificate_dn: Optional[str] = None,
            chain: Optional[str] = None,
            common_name: Optional[str] = None,
            csr_origin: Optional[str] = None,
            csr_pem: Optional[str] = None,
            custom_fields: Optional[Mapping[str, str]] = None,
            ecdsa_curve: Optional[str] = None,
            expiration_window: Optional[int] = None,
            issuer_hint: Optional[str] = None,
            key_password: Optional[str] = None,
            nickname: Optional[str] = None,
            pkcs12: Optional[str] = None,
            private_key_pem: Optional[str] = None,
            rsa_bits: Optional[int] = None,
            san_dns: Optional[Sequence[str]] = None,
            san_emails: Optional[Sequence[str]] = None,
            san_ips: Optional[Sequence[str]] = None,
            san_uris: Optional[Sequence[str]] = None,
            valid_days: Optional[int] = None) -> Certificate
    func GetCertificate(ctx *Context, name string, id IDInput, state *CertificateState, opts ...ResourceOption) (*Certificate, error)
    public static Certificate Get(string name, Input<string> id, CertificateState? state, CustomResourceOptions? opts = null)
    public static Certificate get(String name, Output<String> id, CertificateState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Algorithm string
    Key encryption algorithm, either RSA or ECDSA. Defaults to RSA.
    CertificateDetails string
    The X509 certificate in PEM format.
    CertificateDn string
    Chain string
    The trust chain of X509 certificate authority certificates in PEM format concatenated together.
    CommonName string
    The common name of the certificate.
    CsrOrigin string
    Whether key-pair generation will be local or service generated. Default is local.
    CsrPem string
    CustomFields Dictionary<string, string>
    Collection of Custom Field name-value pairs to assign to the certificate.
    EcdsaCurve string
    ECDSA curve to use when generating a key
    ExpirationWindow int
    Number of hours before certificate expiry to request a new certificate. Defaults to 168.
    IssuerHint string
    Used with valid_days to indicate the target issuer when using Trust Protection Platform. Relevant values are: "DigiCert", "Entrust", and "Microsoft".
    KeyPassword string
    The password used to encrypt the private key.
    Nickname string
    Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for TPP.
    Pkcs12 string
    A base64-encoded PKCS#12 keystore secured by the key_password. Useful when working with resources like azurerm_key_vault_certificate.
    PrivateKeyPem string
    The private key in PEM format.
    RsaBits int
    Number of bits to use when generating an RSA key. Applies when algorithm=RSA. Defaults to 2048.
    SanDns List<string>
    List of DNS names to use as alternative subjects of the certificate.
    SanEmails List<string>
    List of email addresses to use as alternative subjects of the certificate.
    SanIps List<string>
    List of IP addresses to use as alternative subjects of the certificate.
    SanUris List<string>
    List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
    ValidDays int
    Desired number of days for which the new certificate will be valid.
    Algorithm string
    Key encryption algorithm, either RSA or ECDSA. Defaults to RSA.
    Certificate string
    The X509 certificate in PEM format.
    CertificateDn string
    Chain string
    The trust chain of X509 certificate authority certificates in PEM format concatenated together.
    CommonName string
    The common name of the certificate.
    CsrOrigin string
    Whether key-pair generation will be local or service generated. Default is local.
    CsrPem string
    CustomFields map[string]string
    Collection of Custom Field name-value pairs to assign to the certificate.
    EcdsaCurve string
    ECDSA curve to use when generating a key
    ExpirationWindow int
    Number of hours before certificate expiry to request a new certificate. Defaults to 168.
    IssuerHint string
    Used with valid_days to indicate the target issuer when using Trust Protection Platform. Relevant values are: "DigiCert", "Entrust", and "Microsoft".
    KeyPassword string
    The password used to encrypt the private key.
    Nickname string
    Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for TPP.
    Pkcs12 string
    A base64-encoded PKCS#12 keystore secured by the key_password. Useful when working with resources like azurerm_key_vault_certificate.
    PrivateKeyPem string
    The private key in PEM format.
    RsaBits int
    Number of bits to use when generating an RSA key. Applies when algorithm=RSA. Defaults to 2048.
    SanDns []string
    List of DNS names to use as alternative subjects of the certificate.
    SanEmails []string
    List of email addresses to use as alternative subjects of the certificate.
    SanIps []string
    List of IP addresses to use as alternative subjects of the certificate.
    SanUris []string
    List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
    ValidDays int
    Desired number of days for which the new certificate will be valid.
    algorithm String
    Key encryption algorithm, either RSA or ECDSA. Defaults to RSA.
    certificate String
    The X509 certificate in PEM format.
    certificateDn String
    chain String
    The trust chain of X509 certificate authority certificates in PEM format concatenated together.
    commonName String
    The common name of the certificate.
    csrOrigin String
    Whether key-pair generation will be local or service generated. Default is local.
    csrPem String
    customFields Map<String,String>
    Collection of Custom Field name-value pairs to assign to the certificate.
    ecdsaCurve String
    ECDSA curve to use when generating a key
    expirationWindow Integer
    Number of hours before certificate expiry to request a new certificate. Defaults to 168.
    issuerHint String
    Used with valid_days to indicate the target issuer when using Trust Protection Platform. Relevant values are: "DigiCert", "Entrust", and "Microsoft".
    keyPassword String
    The password used to encrypt the private key.
    nickname String
    Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for TPP.
    pkcs12 String
    A base64-encoded PKCS#12 keystore secured by the key_password. Useful when working with resources like azurerm_key_vault_certificate.
    privateKeyPem String
    The private key in PEM format.
    rsaBits Integer
    Number of bits to use when generating an RSA key. Applies when algorithm=RSA. Defaults to 2048.
    sanDns List<String>
    List of DNS names to use as alternative subjects of the certificate.
    sanEmails List<String>
    List of email addresses to use as alternative subjects of the certificate.
    sanIps List<String>
    List of IP addresses to use as alternative subjects of the certificate.
    sanUris List<String>
    List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
    validDays Integer
    Desired number of days for which the new certificate will be valid.
    algorithm string
    Key encryption algorithm, either RSA or ECDSA. Defaults to RSA.
    certificate string
    The X509 certificate in PEM format.
    certificateDn string
    chain string
    The trust chain of X509 certificate authority certificates in PEM format concatenated together.
    commonName string
    The common name of the certificate.
    csrOrigin string
    Whether key-pair generation will be local or service generated. Default is local.
    csrPem string
    customFields {[key: string]: string}
    Collection of Custom Field name-value pairs to assign to the certificate.
    ecdsaCurve string
    ECDSA curve to use when generating a key
    expirationWindow number
    Number of hours before certificate expiry to request a new certificate. Defaults to 168.
    issuerHint string
    Used with valid_days to indicate the target issuer when using Trust Protection Platform. Relevant values are: "DigiCert", "Entrust", and "Microsoft".
    keyPassword string
    The password used to encrypt the private key.
    nickname string
    Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for TPP.
    pkcs12 string
    A base64-encoded PKCS#12 keystore secured by the key_password. Useful when working with resources like azurerm_key_vault_certificate.
    privateKeyPem string
    The private key in PEM format.
    rsaBits number
    Number of bits to use when generating an RSA key. Applies when algorithm=RSA. Defaults to 2048.
    sanDns string[]
    List of DNS names to use as alternative subjects of the certificate.
    sanEmails string[]
    List of email addresses to use as alternative subjects of the certificate.
    sanIps string[]
    List of IP addresses to use as alternative subjects of the certificate.
    sanUris string[]
    List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
    validDays number
    Desired number of days for which the new certificate will be valid.
    algorithm str
    Key encryption algorithm, either RSA or ECDSA. Defaults to RSA.
    certificate str
    The X509 certificate in PEM format.
    certificate_dn str
    chain str
    The trust chain of X509 certificate authority certificates in PEM format concatenated together.
    common_name str
    The common name of the certificate.
    csr_origin str
    Whether key-pair generation will be local or service generated. Default is local.
    csr_pem str
    custom_fields Mapping[str, str]
    Collection of Custom Field name-value pairs to assign to the certificate.
    ecdsa_curve str
    ECDSA curve to use when generating a key
    expiration_window int
    Number of hours before certificate expiry to request a new certificate. Defaults to 168.
    issuer_hint str
    Used with valid_days to indicate the target issuer when using Trust Protection Platform. Relevant values are: "DigiCert", "Entrust", and "Microsoft".
    key_password str
    The password used to encrypt the private key.
    nickname str
    Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for TPP.
    pkcs12 str
    A base64-encoded PKCS#12 keystore secured by the key_password. Useful when working with resources like azurerm_key_vault_certificate.
    private_key_pem str
    The private key in PEM format.
    rsa_bits int
    Number of bits to use when generating an RSA key. Applies when algorithm=RSA. Defaults to 2048.
    san_dns Sequence[str]
    List of DNS names to use as alternative subjects of the certificate.
    san_emails Sequence[str]
    List of email addresses to use as alternative subjects of the certificate.
    san_ips Sequence[str]
    List of IP addresses to use as alternative subjects of the certificate.
    san_uris Sequence[str]
    List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
    valid_days int
    Desired number of days for which the new certificate will be valid.
    algorithm String
    Key encryption algorithm, either RSA or ECDSA. Defaults to RSA.
    certificate String
    The X509 certificate in PEM format.
    certificateDn String
    chain String
    The trust chain of X509 certificate authority certificates in PEM format concatenated together.
    commonName String
    The common name of the certificate.
    csrOrigin String
    Whether key-pair generation will be local or service generated. Default is local.
    csrPem String
    customFields Map<String>
    Collection of Custom Field name-value pairs to assign to the certificate.
    ecdsaCurve String
    ECDSA curve to use when generating a key
    expirationWindow Number
    Number of hours before certificate expiry to request a new certificate. Defaults to 168.
    issuerHint String
    Used with valid_days to indicate the target issuer when using Trust Protection Platform. Relevant values are: "DigiCert", "Entrust", and "Microsoft".
    keyPassword String
    The password used to encrypt the private key.
    nickname String
    Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for TPP.
    pkcs12 String
    A base64-encoded PKCS#12 keystore secured by the key_password. Useful when working with resources like azurerm_key_vault_certificate.
    privateKeyPem String
    The private key in PEM format.
    rsaBits Number
    Number of bits to use when generating an RSA key. Applies when algorithm=RSA. Defaults to 2048.
    sanDns List<String>
    List of DNS names to use as alternative subjects of the certificate.
    sanEmails List<String>
    List of email addresses to use as alternative subjects of the certificate.
    sanIps List<String>
    List of IP addresses to use as alternative subjects of the certificate.
    sanUris List<String>
    List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
    validDays Number
    Desired number of days for which the new certificate will be valid.

    Package Details

    Repository
    Venafi pulumi/pulumi-venafi
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the venafi Terraform Provider.
    venafi logo
    Venafi v1.7.0 published on Wednesday, Feb 28, 2024 by Pulumi