KeyPair Environment

The KeyPairEnvironment object uses a private and public key pair for code signing instead of a certificate. This environment can originate from a CyberArk Configuration Console environment template.

You can set these values via POST Codesign/GetEnvironment.

KeyPairEnvironment: has these values:

• AllowUserKeyImport: Applies only to PerUser templates. The setting for key import: true: users can import their own signing keys. false: no key import.

• CustomFieldAttributes: An Items array:

  • FieldName: A defined Custom Field name. In the UI, the definition is a Code Signing Environment with a Field Type of List or String . For example:

    

  • Values: An array of Custom Field values.

• Dn: The Distinguished Name (DN) of the environment.
• Guid: The GUID that uniquely identifies the environment.
• IPAddressRestriction: An Items array of trusted client IP addresses.
• Id: The project environment ID.
• KeyTimeConstraints: An Items array of signing Time Constraints from CyberArk Configuration Console.
• KeyUseFlowDN: The Distinguished Name (DN) location of the Code Signing Flow. In VCC, the flow shows required approvals, checks, and actions that enable key usage.
• Status: 1.
• TemplateDN:The DN of template.
• Type: The environment category: Code Signing Key Pair Environment.
• Expiration: The expiration time from the template. The number of minutes until the key expires. See Environment details.

• KeyAlgorithm: Acceptable key algorithms for the certificate. Info: Suggests or locks this value as mandatory. Value: When value originated from the template, the Dirty flag is true. Also includes an Items array of acceptable values. Possible values are: NONE: no key is required, RSA1024, RSA2048, RSA3072, RSA4096, RSA8192, ECCP256, ECCP384, ECCP521, ED25519.

• KeyDN:The DN of template.
• KeyPairTemplate:The template name.
• KeyStorageLocation: The location of the private key. Software or HSM. See Environment details.