AWS::PCAConnectorAD::Template PrivateKeyFlagsV3

Private key flags for v3 templates specify the client compatibility, if the private key can be exported, if user input is required when using a private key, and if an alternate signature algorithm should be used.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON


{
  "ClientVersion" : String,
  "ExportableKey" : Boolean,
  "RequireAlternateSignatureAlgorithm" : Boolean,
  "StrongKeyProtectionRequired" : Boolean
}

YAML


  ClientVersion: String
  ExportableKey: Boolean
  RequireAlternateSignatureAlgorithm: Boolean
  StrongKeyProtectionRequired: Boolean

Properties

ClientVersion

Defines the minimum client compatibility.

Required: Yes

Type: String

Allowed values: WINDOWS_SERVER_2008 | WINDOWS_SERVER_2008_R2 | WINDOWS_SERVER_2012 | WINDOWS_SERVER_2012_R2 | WINDOWS_SERVER_2016

Update requires: No interruption

ExportableKey

Allows the private key to be exported.

Required: No

Type: Boolean

Update requires: No interruption

RequireAlternateSignatureAlgorithm

Reguires the PKCS #1 v2.1 signature format for certificates. You should verify that your CA, objects, and applications can accept this signature format.

Required: No

Type: Boolean

Update requires: No interruption

StrongKeyProtectionRequired

Requirer user input when using the private key for enrollment.

Required: No

Type: Boolean

Update requires: No interruption

Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

PrivateKeyFlagsV2

PrivateKeyFlagsV4