CSRProfilesModel
Type: object Default:
{
"HTTPS RSA Certificate": {
"cert_extensions": {
"BasicConstraints": {
"ca": false,
"enabled": true,
"extension_critical": true
},
"ExtendedKeyUsage": {
"enabled": true,
"extension_critical": true,
"usages": [
"SERVER_AUTH",
"CLIENT_AUTH"
]
},
"KeyUsage": {
"digital_signature": true,
"enabled": true,
"extension_critical": true,
"key_agreement": true,
"key_encipherment": true
}
},
"digest_algorithm": "SHA256",
"key_length": 2048,
"key_type": "RSA",
"lifetime": 397
},
"HTTPS ECC Certificate": {
"cert_extensions": {
"BasicConstraints": {
"ca": false,
"enabled": true,
"extension_critical": true
},
"ExtendedKeyUsage": {
"enabled": true,
"extension_critical": true,
"usages": [
"SERVER_AUTH",
"CLIENT_AUTH"
]
},
"KeyUsage": {
"digital_signature": true,
"enabled": true,
"extension_critical": true
}
},
"digest_algorithm": "SHA256",
"ec_curve": "SECP384R1",
"key_type": "EC",
"lifetime": 397
}
}
Predefined certificate profiles for common use cases.
No Additional Properties
RSACSRExtensions
Type: object
Certificate profile configuration for HTTPS RSA certificates.
No Additional Properties
RSACSRExtensionsModel
Type: object Default:
{
"BasicConstraints": {
"ca": false,
"enabled": true,
"extension_critical": true
},
"ExtendedKeyUsage": {
"enabled": true,
"extension_critical": true,
"usages": [
"SERVER_AUTH",
"CLIENT_AUTH"
]
},
"KeyUsage": {
"digital_signature": true,
"enabled": true,
"extension_critical": true,
"key_agreement": true,
"key_encipherment": true
}
}
Certificate extensions configuration for RSA certificates.
No Additional Properties
BasicConstraintsModel
Type: object Default:
{
"enabled": true,
"ca": false,
"extension_critical": true
}
Basic constraints extension configuration.
No Additional Properties
Enabled
Type: boolean Default: true
Whether the basic constraints extension is enabled.
Ca
Type: boolean Default: false
Whether this certificate can act as a certificate authority.
Extension Critical
Type: boolean Default: true
Whether this extension is marked as critical.
ExtendedKeyUsageModel
Type: object Default:
{
"enabled": true,
"extension_critical": true,
"usages": [
"SERVER_AUTH",
"CLIENT_AUTH"
]
}
Extended key usage extension configuration.
No Additional Properties
Enabled
Type: boolean Default: true
Whether the extended key usage extension is enabled.
Extension Critical
Type: boolean Default: true
Whether this extension is marked as critical.
Usages
Type: array of string Default: ["SERVER_AUTH", "CLIENT_AUTH"]
Array of extended key usage purposes for the certificate.
No Additional ItemsEach item of this array must be:
RSAKeyUsageModel
Type: object Default:
{
"enabled": true,
"extension_critical": true,
"digital_signature": true,
"key_encipherment": true,
"key_agreement": true
}
Key usage extension configuration for RSA certificates.
No Additional Properties
Enabled
Type: boolean Default: true
Whether the key usage extension is enabled.
Extension Critical
Type: boolean Default: true
Whether this extension is marked as critical.
Digital Signature
Type: boolean Default: true
Whether the key can be used for digital signatures.
Key Encipherment
Type: boolean Default: true
Whether the key can be used for key encipherment.
Key Agreement
Type: boolean Default: true
Whether the key can be used for key agreement.
Key Length
Type: integer Default: 2048
RSA key length in bits.
Key Type
Type: string Default: "RSA"
Type of cryptographic key (RSA).
Lifetime
Type: integer Default: 397
Certificate validity period in days.
Digest Algorithm
Type: string Default: "SHA256"
Hash algorithm for certificate signing.
ECCCSRExtensions
Type: object
Certificate profile configuration for HTTPS ECC certificates.
No Additional Properties
ECCCSRExtensionsModel
Type: object Default:
{
"BasicConstraints": {
"ca": false,
"enabled": true,
"extension_critical": true
},
"ExtendedKeyUsage": {
"enabled": true,
"extension_critical": true,
"usages": [
"SERVER_AUTH",
"CLIENT_AUTH"
]
},
"KeyUsage": {
"digital_signature": true,
"enabled": true,
"extension_critical": true
}
}
Certificate extensions configuration for ECC certificates.
No Additional Properties
BasicConstraintsModel
Type: object Default:
{
"enabled": true,
"ca": false,
"extension_critical": true
}
Basic constraints extension configuration.
No Additional Properties
Enabled
Type: boolean Default: true
Whether the basic constraints extension is enabled.
Ca
Type: boolean Default: false
Whether this certificate can act as a certificate authority.
Extension Critical
Type: boolean Default: true
Whether this extension is marked as critical.
ExtendedKeyUsageModel
Type: object Default:
{
"enabled": true,
"extension_critical": true,
"usages": [
"SERVER_AUTH",
"CLIENT_AUTH"
]
}
Extended key usage extension configuration.
No Additional Properties
Enabled
Type: boolean Default: true
Whether the extended key usage extension is enabled.
Extension Critical
Type: boolean Default: true
Whether this extension is marked as critical.
Usages
Type: array of string Default: ["SERVER_AUTH", "CLIENT_AUTH"]
Array of extended key usage purposes for the certificate.
No Additional ItemsEach item of this array must be:
ECCKeyUsageModel
Type: object Default:
{
"enabled": true,
"extension_critical": true,
"digital_signature": true
}
Key usage extension configuration for ECC certificates.
No Additional Properties
Enabled
Type: boolean Default: true
Whether the key usage extension is enabled.
Extension Critical
Type: boolean Default: true
Whether this extension is marked as critical.
Digital Signature
Type: boolean Default: true
Whether the key can be used for digital signatures.
Ec Curve
Type: string Default: "SECP384R1"
Elliptic curve to use for key generation.
Key Type
Type: string Default: "EC"
Type of cryptographic key (ECC).
Lifetime
Type: integer Default: 397
Certificate validity period in days.
Digest Algorithm
Type: string Default: "SHA256"
Hash algorithm for certificate signing.