Interface EnrollmentFlagsV4.Builder
- All Superinterfaces:
Buildable
,CopyableBuilder<EnrollmentFlagsV4.Builder,
,EnrollmentFlagsV4> SdkBuilder<EnrollmentFlagsV4.Builder,
,EnrollmentFlagsV4> SdkPojo
- Enclosing class:
EnrollmentFlagsV4
public static interface EnrollmentFlagsV4.Builder
extends SdkPojo, CopyableBuilder<EnrollmentFlagsV4.Builder,EnrollmentFlagsV4>
-
Method Summary
Modifier and TypeMethodDescriptionenableKeyReuseOnNtTokenKeysetStorageFull
(Boolean enableKeyReuseOnNtTokenKeysetStorageFull) Allow renewal using the same key.includeSymmetricAlgorithms
(Boolean includeSymmetricAlgorithms) Include symmetric algorithms allowed by the subject.noSecurityExtension
(Boolean noSecurityExtension) This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate.removeInvalidCertificateFromPersonalStore
(Boolean removeInvalidCertificateFromPersonalStore) Delete expired or revoked certificates instead of archiving them.userInteractionRequired
(Boolean userInteractionRequired) Require user interaction when the subject is enrolled and the private key associated with the certificate is used.Methods inherited from interface software.amazon.awssdk.utils.builder.CopyableBuilder
copy
Methods inherited from interface software.amazon.awssdk.utils.builder.SdkBuilder
applyMutation, build
Methods inherited from interface software.amazon.awssdk.core.SdkPojo
equalsBySdkFields, sdkFields
-
Method Details
-
enableKeyReuseOnNtTokenKeysetStorageFull
EnrollmentFlagsV4.Builder enableKeyReuseOnNtTokenKeysetStorageFull(Boolean enableKeyReuseOnNtTokenKeysetStorageFull) Allow renewal using the same key.
- Parameters:
enableKeyReuseOnNtTokenKeysetStorageFull
- Allow renewal using the same key.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
includeSymmetricAlgorithms
Include symmetric algorithms allowed by the subject.
- Parameters:
includeSymmetricAlgorithms
- Include symmetric algorithms allowed by the subject.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
noSecurityExtension
This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.
- Parameters:
noSecurityExtension
- This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
removeInvalidCertificateFromPersonalStore
EnrollmentFlagsV4.Builder removeInvalidCertificateFromPersonalStore(Boolean removeInvalidCertificateFromPersonalStore) Delete expired or revoked certificates instead of archiving them.
- Parameters:
removeInvalidCertificateFromPersonalStore
- Delete expired or revoked certificates instead of archiving them.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
userInteractionRequired
Require user interaction when the subject is enrolled and the private key associated with the certificate is used.
- Parameters:
userInteractionRequired
- Require user interaction when the subject is enrolled and the private key associated with the certificate is used.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-