DotNet environment template

The DotNet environment template has default settings for code signing with NET strong name signing. This template provides control around Environment creation. Any Environment that is created from this template must follow all the rules outlined. Otherwise, certificate creation will fail. To see your template, call POST Codesign/GetTemplate.

  • Type: Code Signing DotNet Environment Template

  • Object: DotNetSignEnvironmentTemplate

DotNetTemplate has these values:

  • AllowUserKeyImport: Applies only to PerUser templates. The setting for key import: true: users can import their own signing keys. false: no key import.
  • Description:Appears only if there is a template description.
  • Dn:The Distinguished Name (DN) of the template.
  • Guid: The GUID that uniquely identifies the template.
  • Id: The template identifier.

  • KeyUseFlowDN: The Distinguished Name (DN) location of the Code Signing Flow. In VCC, the flow shows required approvals, checks, and actions that enable key usage.

  • ObjectNamingPattern: Only appears if PerUser is true. The macros that make the Certificate object unique to the signer's identity. The rendered value appears in the Policy tree. The default is $Sign.Project$\$Sign.Environment$\$Sign.User$

  • PerUser:  Only appears if the value is true. The mode that supports multiple cryptographic objects and macros to use for signing. This field determines how objects are created for the Environment.

  • Type:This user-defined template originated from the Code Signing DotNet Environment Template.
  • VisibleTo: An Items array of identities that can view the template in VCC. If empty, everyone can see this template. Otherwise, it is a restricted array of identities that can use the template to create new Environments. This is useful to limit exposure to templates pointing at public CAs, as those certificates can be very expensive and may not be required.

  • Expiration: The number of minutes until the key expires. A value of zero 0 means the key will not expire. See Template details.

  • KeyAlgorithm: Acceptable key algorithms for the certificate. See Template details.

  • KeyContainerDN: The template values for the Distinguished Name (DN) location of the key container.
  • KeyStorageLocation: The location of the private key. Software or HSM. See Template details.

  • MaxUses: template values for the maximum number of key pair uses. See Template details.

{
   "DotNetTemplate":{
      "AllowUserKeyImport":true,
      "Description":".NET StrongName",
      "Dn":"\\VED\\Code Signing\\Environment Templates\\.NET Template",
      "Guid":"{6d519f15-f1f2-49d9-99fa-593c6074a691}",
      "Id":832825,
      "KeyUseFlowDN":"\\VED\\Code Signing\\Flows\\No Restrictions",
      "Type":"Code Signing DotNet Environment Template",
      "VisibleTo":{
         "Items":[
            
         ]
      },
      "Expiration":{
         "Info":1,
         "Value":{
            "Items":[
               
            ]
         }
      },
      "KeyAlgorithm":{
         "Info":1,
         "Value":{
            "Items":[
               "RSA1024",
               "RSA2048",
               "RSA4096"
            ]
         }
      },
      "KeyContainerDN":"\\VED\\Policy\\Code Signing\\Certificates",
      "KeyStorageLocation":{
         "Info":1,
         "Value":{
            "Items":[
               "Software"
            ]
         }
      },
      "MaxUses":{
         "Info":1,
         "Value":{
            "Items":[
               
            ]
         }
      }
   }
}