1# Copyright 2022 Google LLC
2#
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14
15apiVersion: privateca.cnrm.cloud.google.com/v1beta1
16kind: PrivateCACertificate
17metadata:
18 name: privatecacertificate-sample-cert-sign
19 labels:
20 key: value
21spec:
22 location: us-central1
23 certificateAuthorityRef:
24 name: privatecacertificate-dep-cert-sign
25 caPoolRef:
26 name: privatecacertificate-dep-cert-sign
27 lifetime: "860s"
28 config:
29 subjectConfig:
30 subject:
31 commonName: "san1.example.com"
32 subjectAltName:
33 dnsNames:
34 - "san1.example.com"
35 uris:
36 - "http://www.ietf.org/rfc/rfc3986.txt"
37 emailAddresses:
38 - test_example@google.com
39 ipAddresses:
40 - "127.0.0.1"
41 x509Config:
42 aiaOcspServers:
43 - "www.example.com"
44 caOptions:
45 isCa: true
46 maxIssuerPathLength: 100
47 policyIds:
48 - objectIdPath:
49 - 1
50 - 2
51 - 3
52 - 4
53 - 5
54 - 5
55 additionalExtensions:
56 - objectId:
57 objectIdPath:
58 - 1
59 - 2
60 - 3
61 - 4
62 - 5
63 - 5
64 critical: false
65 value: "d3d3LmV4YW1wbGUuY29t"
66 keyUsage:
67 baseKeyUsage:
68 digitalSignature: true
69 contentCommitment: true
70 keyEncipherment: true
71 dataEncipherment: true
72 keyAgreement: true
73 crlSign: true
74 encipherOnly: true
75 certSign: true
76 extendedKeyUsage:
77 serverAuth: true
78 clientAuth: true
79 codeSigning: true
80 emailProtection: true
81 timeStamping: true
82 ocspSigning: true
83 unknownExtendedKeyUsages:
84 - objectIdPath:
85 - 1
86 - 2
87 - 3
88 - 4
89 - 5
90 - 5
91 publicKey:
92 format: "PEM"
93 key: "LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUlJQ0lqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FnOEFNSUlDQ2dLQ0FnRUF2NndlQzFhVDE2bDJxUzZxZFljeQo3Qk9qelA3VHdUOXpVQWlGaFdwTDI1NkdScUM4eVFSZHFNc2k2OFEvLzc2MklVeXUvcWFIYkVnUThXUm1RZFZWCkdEbHhrQmZyQS9pWEIyZGd1anE4amgwSFdJVjJldjNUZXJWM2FVd3ZZVWxyb3docTAyN1NYOVUxaGJ1ZmRHQ00KdUtzSGlGMDVFcmdOdkV1UjhYQWtlSi9ZVjJEVjIrc1JxK1dnOXk0UndVWWJkY2hkRnR5MWQ1U1gvczBZcXN3Zwp5T0c5Vm9DZFI3YmFGMjJ1Z2hWUjQ0YVJtKzgzbWd0cUFaNE0rUnBlN0pHUnNVR1kvcFIzOTFUb2kwczhFbjE1CkpHaUFocVgyVzBVby9GWlpyeTN5dXFSZmRIWUVOQitBRHV5VE1UclVhS1p2N2V1YTBsVEJ6NW9vbTNqU0YzZ3YKSTdTUW9MZEsvamhFVk9PcTQxSWpCOEQ2MFNnZDY5YkQ3eVRJNTE2eXZaL3MzQXlLelc2ZjZLbmpkYkNjWktLVAowR0FlUE5MTmhEWWZTbEE5YndKOEhRUzJGZW5TcFNUQXJLdkdpVnJzaW5KdU5qYlFkUHVRSGNwV2Y5eDFtM0dSClRNdkYrVE5ZTS9scDdJTDJWTWJKUmZXUHkxaVd4bTlGMVlyNmRrSFZvTFA3b2NZa05SSG9QTHV0NUU2SUZKdEsKbFZJMk5uZVVZSkduWVNPKzF4UFY5VHFsSmVNTndyM3VGTUFOOE4vb0IzZjRXV3d1UllnUjBMNWcyQStMdngrZwpiYmRsK1RiLzBDTmZzbGZTdURyRlY4WjRuNmdWd2I5WlBHbE5IQ3ZucVJmTFVwUkZKd21SN1VZdnppL0U3clhKCkVEa0srdGNuUGt6Mkp0amRMS1I3cVZjQ0F3RUFBUT09Ci0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQ=="
94 projectRef:
95 # Replace ${PROJECT_ID?} with your project ID.
96 external: projects/${PROJECT_ID?}
View as plain text