AWS::PCAConnectorAD::Template PrivateKeyFlagsV3
Private key flags for v3 templates specify the client compatibility, if the private key can be exported, if user input is required when using a private key, and if an alternate signature algorithm should be used.
Syntax
To declare this entity in your Amazon CloudFormation template, use the following syntax:
JSON
{ "ClientVersion" :
String
, "ExportableKey" :Boolean
, "RequireAlternateSignatureAlgorithm" :Boolean
, "StrongKeyProtectionRequired" :Boolean
}
YAML
ClientVersion:
String
ExportableKey:Boolean
RequireAlternateSignatureAlgorithm:Boolean
StrongKeyProtectionRequired:Boolean
Properties
ClientVersion
-
Defines the minimum client compatibility.
Required: Yes
Type: String
Allowed values:
WINDOWS_SERVER_2008 | WINDOWS_SERVER_2008_R2 | WINDOWS_SERVER_2012 | WINDOWS_SERVER_2012_R2 | WINDOWS_SERVER_2016
Update requires: No interruption
ExportableKey
-
Allows the private key to be exported.
Required: No
Type: Boolean
Update requires: No interruption
RequireAlternateSignatureAlgorithm
-
Reguires the PKCS #1 v2.1 signature format for certificates. You should verify that your CA, objects, and applications can accept this signature format.
Required: No
Type: Boolean
Update requires: No interruption
StrongKeyProtectionRequired
-
Requirer user input when using the private key for enrollment.
Required: No
Type: Boolean
Update requires: No interruption