Package software.amazon.awssdk.services.pcaconnectorad.model

Interface EnrollmentFlagsV4.Builder

All Superinterfaces:
Buildable, CopyableBuilder<EnrollmentFlagsV4.Builder,EnrollmentFlagsV4>, SdkBuilder<EnrollmentFlagsV4.Builder,EnrollmentFlagsV4>, SdkPojo
Enclosing class:
EnrollmentFlagsV4
public static interface EnrollmentFlagsV4.Builder extends SdkPojo, CopyableBuilder<EnrollmentFlagsV4.Builder,EnrollmentFlagsV4>

  • Method Details

    • enableKeyReuseOnNtTokenKeysetStorageFull

      EnrollmentFlagsV4.Builder enableKeyReuseOnNtTokenKeysetStorageFull(Boolean enableKeyReuseOnNtTokenKeysetStorageFull)

      Allow renewal using the same key.

      Parameters:
      enableKeyReuseOnNtTokenKeysetStorageFull - Allow renewal using the same key.
      Returns:
      Returns a reference to this object so that method calls can be chained together.

    • includeSymmetricAlgorithms

      EnrollmentFlagsV4.Builder includeSymmetricAlgorithms(Boolean includeSymmetricAlgorithms)

      Include symmetric algorithms allowed by the subject.

      Parameters:
      includeSymmetricAlgorithms - Include symmetric algorithms allowed by the subject.
      Returns:
      Returns a reference to this object so that method calls can be chained together.

    • noSecurityExtension

      EnrollmentFlagsV4.Builder noSecurityExtension(Boolean noSecurityExtension)

      This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.

      Parameters:
      noSecurityExtension - This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.
      Returns:
      Returns a reference to this object so that method calls can be chained together.

    • removeInvalidCertificateFromPersonalStore

      EnrollmentFlagsV4.Builder removeInvalidCertificateFromPersonalStore(Boolean removeInvalidCertificateFromPersonalStore)

      Delete expired or revoked certificates instead of archiving them.

      Parameters:
      removeInvalidCertificateFromPersonalStore - Delete expired or revoked certificates instead of archiving them.
      Returns:
      Returns a reference to this object so that method calls can be chained together.

    • userInteractionRequired

      EnrollmentFlagsV4.Builder userInteractionRequired(Boolean userInteractionRequired)

      Require user interaction when the subject is enrolled and the private key associated with the certificate is used.

      Parameters:
      userInteractionRequired - Require user interaction when the subject is enrolled and the private key associated with the certificate is used.
      Returns:
      Returns a reference to this object so that method calls can be chained together.