aws-cdk-lib.aws_acmpca.CfnCertificateAuthority.OcspConfigurationProperty

interface OcspConfigurationProperty

LanguageType name
.NETAmazon.CDK.AWS.ACMPCA.CfnCertificateAuthority.OcspConfigurationProperty
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awsacmpca#CfnCertificateAuthority_OcspConfigurationProperty
Javasoftware.amazon.awscdk.services.acmpca.CfnCertificateAuthority.OcspConfigurationProperty
Pythonaws_cdk.aws_acmpca.CfnCertificateAuthority.OcspConfigurationProperty
TypeScript aws-cdk-lib » aws_acmpca » CfnCertificateAuthority » OcspConfigurationProperty

Contains information to enable and configure Online Certificate Status Protocol (OCSP) for validating certificate revocation status.

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_acmpca as acmpca } from 'aws-cdk-lib';
const ocspConfigurationProperty: acmpca.CfnCertificateAuthority.OcspConfigurationProperty = {
  enabled: false,
  ocspCustomCname: 'ocspCustomCname',
};

Properties

NameTypeDescription
enabled?boolean | IResolvableFlag enabling use of the Online Certificate Status Protocol (OCSP) for validating certificate revocation status.
ocspCustomCname?stringBy default, AWS Private CA injects an Amazon domain into certificates being validated by the Online Certificate Status Protocol (OCSP).

enabled?

Type: boolean | IResolvable (optional)

Flag enabling use of the Online Certificate Status Protocol (OCSP) for validating certificate revocation status.


ocspCustomCname?

Type: string (optional)

By default, AWS Private CA injects an Amazon domain into certificates being validated by the Online Certificate Status Protocol (OCSP).

A customer can alternatively use this object to define a CNAME specifying a customized OCSP domain.

The content of a Canonical Name (CNAME) record must conform to RFC2396 restrictions on the use of special characters in URIs. Additionally, the value of the CNAME must not include a protocol prefix such as "http://" or "https://".