X509 Certificate Object
Defines the data necessary for Trust Protection Platform to manage enrollment and provisioning for a X509 certificate.
- Class Name: X509 Certificate
- Inheritance: Parent class—Application Base, Parent class—Validation Base, and Parent class—X509 Certificate Base
- Has additional X509 Certificate CA Specific Attributes from the X509 Certificate Base class.
NOTE The attributes in this section apply to X509 Certificate, X509 Certificate Base, X509 Device Certificate, and X509 User Certificate classes. The X509 Certificate class remains the class representing server certificates; however, it has become a child class of X509 Certificate Base and inherits nearly all of its attributes from that parent. The X509 Device Certificate and
X509 User Certificate also inherit their attributes from the X509 Certificate Base class.
Because
Trust Protection Platform administration consoles do not provide access to policy settings for the child classes, the X509 Certificate Base class should be used whenever applying attribute values to folders.
|
Attribute |
Description |
|---|---|
|
ACME Account DN UI: NA
Required: No
|
Policy Definable: No. Default: NA The Distinguished Name of an Automatic Certificate Management Environment (ACME) account. |
|
Application Group DN UI: Application Group
Required: No
|
Policy Definable: No. Default: NA The Policy tree location of Application objects that share the same certificate. |
|
GeotrustTrueFlex CA:Emails GeotrustTrueFlex CA:Enrollment Mode GeotrustTrueFlex CA:First Pickup Request GeotrustTrueFlex CA:Timestamp |
Deprecated. Old. Don't give to customer. Too confusing. |
|
Microsoft CA Pool:Certificate Authority UI: NA
Required: No
|
Policy Definable: No. Default: NA The Microsoft Certificate Authority (MSCA) that manages certificate enrollment. |
| Portal Download Count UI: NA Required: No |
Policy Definable: No. Default: 0 The number of remaining certificate downloads from the user portal. For example, a value of 3 means you can download the certificate three more times. |
|
Prohibited SAN Types UI: Prohibited SAN Types
Required: No
|
Policy Definable: Yes. Default: NA One or more of the following Subject Alternate Names (SAN) certificate types that are not allowed on a certificate: Email, IP address, UPN, URI. For CodeSign Protect: DNS, IP, URI, VPN. |
|
Ticket DN UI: NA
Required: No
|
Policy Definable: Yes. Default: NA The Distinguished Name (DN) that identifies a workflow ticket that managing this certificate. |
|
Work DN UI: NA
Required: No
|
Policy Definable: Yes. Default: NA The DN that identifies an agent task to manage the certificate. |