Package org.springframework.vault.support

Class VaultCertificateRequest.VaultCertificateRequestBuilder

java.lang.Object

org.springframework.vault.support.VaultCertificateRequest.VaultCertificateRequestBuilder

Enclosing class:

VaultCertificateRequest

public static class VaultCertificateRequest.VaultCertificateRequestBuilder
extends Object

Method Summary

Modifier and Type	Method	Description
VaultCertificateRequest.VaultCertificateRequestBuilder	altNames(Iterable<String> altNames)	Configure alternative names.
VaultCertificateRequest	build()	Build a new VaultCertificateRequest instance.
VaultCertificateRequest.VaultCertificateRequestBuilder	commonName(String commonName)	Configure the common name.
VaultCertificateRequest.VaultCertificateRequestBuilder	excludeCommonNameFromSubjectAltNames()	Exclude the given common name from DNS or Email Subject Alternate Names (as appropriate).
VaultCertificateRequest.VaultCertificateRequestBuilder	format(String format)	Configure the certificate format.
VaultCertificateRequest.VaultCertificateRequestBuilder	ipSubjectAltNames(Iterable<String> ipSubjectAltNames)	Configure IP subject alternative names.
VaultCertificateRequest.VaultCertificateRequestBuilder	notAfter(Instant notAfter)	Set the Not After field of the certificate with specified date value.
VaultCertificateRequest.VaultCertificateRequestBuilder	otherSans(Iterable<String> otherSans)	Configure custom OID/UTF8-string subject alternative names.
VaultCertificateRequest.VaultCertificateRequestBuilder	privateKeyFormat(String privateKeyFormat)	Configure the key format.
VaultCertificateRequest.VaultCertificateRequestBuilder	ttl(long ttl, TimeUnit timeUnit)	Configure a TTL.
VaultCertificateRequest.VaultCertificateRequestBuilder	ttl(Duration ttl)	Configure a TTL.
VaultCertificateRequest.VaultCertificateRequestBuilder	uriSubjectAltNames(Iterable<String> uriSubjectAltNames)	Configure URI subject alternative names.
VaultCertificateRequest.VaultCertificateRequestBuilder	userId(String userId)	Specifies the comma-separated list of requested User ID (OID 0.9.2342.19200300.100.1.1) Subject values to be placed on the signed certificate.
VaultCertificateRequest.VaultCertificateRequestBuilder	userIds(Collection<String> userIds)	Specifies the comma-separated list of requested User ID (OID 0.9.2342.19200300.100.1.1) Subject values to be placed on the signed certificate.
VaultCertificateRequest.VaultCertificateRequestBuilder	withAltName(String altName)	Add an alternative name.
VaultCertificateRequest.VaultCertificateRequestBuilder	withIpSubjectAltName(String ipSubjectAltName)	Add an IP subject alternative name.
VaultCertificateRequest.VaultCertificateRequestBuilder	withOtherSans(String otherSans)	Add custom OID/UTF8-string subject alternative name.
VaultCertificateRequest.VaultCertificateRequestBuilder	withUriSubjectAltName(String uriSubjectAltName)	Add an URI subject alternative name.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details

commonName

public VaultCertificateRequest.VaultCertificateRequestBuilder commonName(String commonName)

Configure the common name.

Parameters:

commonName - must not be empty or null.

Returns:

this builder.

excludeCommonNameFromSubjectAltNames

public VaultCertificateRequest.VaultCertificateRequestBuilder excludeCommonNameFromSubjectAltNames()

Exclude the given common name from DNS or Email Subject Alternate Names (as appropriate). Useful if the CN is not a hostname or email address, but is instead some human-readable identifier.

Returns:

this builder.

altNames

public VaultCertificateRequest.VaultCertificateRequestBuilder altNames(Iterable<String> altNames)

Configure alternative names. Replaces previously configured alt names.

Parameters:

altNames - must not be null.

Returns:

this builder.

withAltName

public VaultCertificateRequest.VaultCertificateRequestBuilder withAltName(String altName)

Add an alternative name.

Parameters:

altName - must not be empty or null.

Returns:

this builder.

ipSubjectAltNames

public VaultCertificateRequest.VaultCertificateRequestBuilder ipSubjectAltNames(Iterable<String> ipSubjectAltNames)

Configure IP subject alternative names. Replaces previously configured IP subject alt names.

Parameters:

ipSubjectAltNames - must not be null.

Returns:

this builder.

withIpSubjectAltName

public VaultCertificateRequest.VaultCertificateRequestBuilder withIpSubjectAltName(String ipSubjectAltName)

Add an IP subject alternative name.

Parameters:

ipSubjectAltName - must not be empty or null.

Returns:

this builder.

uriSubjectAltNames

public VaultCertificateRequest.VaultCertificateRequestBuilder uriSubjectAltNames(Iterable<String> uriSubjectAltNames)

Configure URI subject alternative names. Replaces previously configured URI subject alt names.

Parameters:

uriSubjectAltNames - must not be null.

Returns:

this builder.

Since:

2.2

withUriSubjectAltName

public VaultCertificateRequest.VaultCertificateRequestBuilder withUriSubjectAltName(String uriSubjectAltName)

Add an URI subject alternative name.

Parameters:

uriSubjectAltName - must not be empty or null.

Returns:

this builder.

Since:

2.2

otherSans

public VaultCertificateRequest.VaultCertificateRequestBuilder otherSans(Iterable<String> otherSans)

Configure custom OID/UTF8-string subject alternative names. Replaces previously configured other subject alt names.

Parameters:

otherSans - must not be null.

Returns:

this builder.

Since:

2.4

withOtherSans

public VaultCertificateRequest.VaultCertificateRequestBuilder withOtherSans(String otherSans)

Add custom OID/UTF8-string subject alternative name.

Parameters:

otherSans - must not be empty or null.

Returns:

this builder.

Since:

2.4

ttl

public VaultCertificateRequest.VaultCertificateRequestBuilder ttl(long ttl,
 TimeUnit timeUnit)

Configure a TTL.

Parameters:

ttl - the time to live, must not be negative.

timeUnit - must not be null

Returns:

this builder.

ttl

public VaultCertificateRequest.VaultCertificateRequestBuilder ttl(Duration ttl)

Configure a TTL.

Parameters:

ttl - the time to live, must not be null or negative.

Returns:

this builder.

Since:

2.0

notAfter

public VaultCertificateRequest.VaultCertificateRequestBuilder notAfter(Instant notAfter)

Set the Not After field of the certificate with specified date value. Supports the Y10K end date for IEEE 802.1AR-2018 standard devices, 9999-12-31T23:59:59Z.

Returns:

this builder.

Since:

3.1

format

public VaultCertificateRequest.VaultCertificateRequestBuilder format(String format)

Configure the certificate format.

Parameters:

format - the certificate format to use. Can be pem, der, or pem_bundle

Returns:

this builder.

Since:

2.4

privateKeyFormat

public VaultCertificateRequest.VaultCertificateRequestBuilder privateKeyFormat(String privateKeyFormat)

Configure the key format.

Parameters:

privateKeyFormat - the key format to use. Can be pem, der, or pkcs8

Returns:

this builder.

Since:

2.4

userId

public VaultCertificateRequest.VaultCertificateRequestBuilder userId(String userId)

Specifies the comma-separated list of requested User ID (OID 0.9.2342.19200300.100.1.1) Subject values to be placed on the signed certificate. This field is validated against allowed_user_ids on the role.

Returns:

this builder.

Since:

3.1

userIds

public VaultCertificateRequest.VaultCertificateRequestBuilder userIds(Collection<String> userIds)

Specifies the comma-separated list of requested User ID (OID 0.9.2342.19200300.100.1.1) Subject values to be placed on the signed certificate. This field is validated against allowed_user_ids on the role.

Returns:

this builder.

Since:

3.1

build

public VaultCertificateRequest build()

Build a new VaultCertificateRequest instance. Requires commonName(String) to be configured.

Returns:

a new VaultCertificateRequest.