Class: Aws::IoT::Types::ServerCertificateConfig

Inherits:

Struct

• Object
• Struct
• Aws::IoT::Types::ServerCertificateConfig

Includes:

Structure

Defined in:

lib/aws-sdk-iot/types.rb

Overview

The server certificate configuration.

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #enable_ocsp_check ⇒ Boolean

  A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not.

• #ocsp_authorized_responder_arn ⇒ String

  The Amazon Resource Name (ARN) for an X.509 certificate stored in Amazon Web Services Certificate Manager (ACM).

• #ocsp_lambda_arn ⇒ String

  The Amazon Resource Name (ARN) for a Lambda function that acts as a Request for Comments (RFC) 6960-compliant Online Certificate Status Protocol (OCSP) responder, supporting basic OCSP responses.

Instance Attribute Details

#enable_ocsp_check ⇒ Boolean

A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not.

For more information, see [ Server certificate configuration for OCSP stapling] from Amazon Web Services IoT Core Developer Guide.

[1]: docs.aws.amazon.com/iot/latest/developerguide/iot-custom-endpoints-cert-config.html

Returns:

• (Boolean)

# File 'lib/aws-sdk-iot/types.rb', line 14332

class ServerCertificateConfig < Struct.new(
  :enable_ocsp_check,
  :ocsp_lambda_arn,
  :ocsp_authorized_responder_arn)
  SENSITIVE = []
  include Aws::Structure
end

#ocsp_authorized_responder_arn ⇒ String

The Amazon Resource Name (ARN) for an X.509 certificate stored in Amazon Web Services Certificate Manager (ACM). If provided, Amazon Web Services IoT Core will use this certificate to validate the signature of the received OCSP response. The OCSP responder must sign responses using either this authorized responder certificate or the issuing certificate, depending on whether the ARN is provided or not. The certificate must be in the same Amazon Web Services region and account as the domain configuration.

Returns:

• (String)

# File 'lib/aws-sdk-iot/types.rb', line 14332

class ServerCertificateConfig < Struct.new(
  :enable_ocsp_check,
  :ocsp_lambda_arn,
  :ocsp_authorized_responder_arn)
  SENSITIVE = []
  include Aws::Structure
end

#ocsp_lambda_arn ⇒ String

The Amazon Resource Name (ARN) for a Lambda function that acts as a Request for Comments (RFC) 6960-compliant Online Certificate Status Protocol (OCSP) responder, supporting basic OCSP responses. The Lambda function accepts a JSON string that’s Base64-encoded. Therefore, you must convert your OCSP response, which is typically in the Distinguished Encoding Rules (DER) format, into a JSON string that’s Base64-encoded. The Lambda function’s response is also a Base64-encoded JSON string and the response payload must not exceed 8 kilobytes (KiB) in size. The Lambda function must be in the same Amazon Web Services region and account as the domain configuration.

Returns:

• (String)

# File 'lib/aws-sdk-iot/types.rb', line 14332

class ServerCertificateConfig < Struct.new(
  :enable_ocsp_check,
  :ocsp_lambda_arn,
  :ocsp_authorized_responder_arn)
  SENSITIVE = []
  include Aws::Structure
end