public static interface EnrollmentFlagsV2.Builder extends SdkPojo, CopyableBuilder<EnrollmentFlagsV2.Builder,EnrollmentFlagsV2>
| Modifier and Type | Method and Description |
|---|---|
EnrollmentFlagsV2.Builder |
enableKeyReuseOnNtTokenKeysetStorageFull(Boolean enableKeyReuseOnNtTokenKeysetStorageFull)
Allow renewal using the same key.
|
EnrollmentFlagsV2.Builder |
includeSymmetricAlgorithms(Boolean includeSymmetricAlgorithms)
Include symmetric algorithms allowed by the subject.
|
EnrollmentFlagsV2.Builder |
noSecurityExtension(Boolean noSecurityExtension)
This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT
(OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the
issued certificate.
|
EnrollmentFlagsV2.Builder |
removeInvalidCertificateFromPersonalStore(Boolean removeInvalidCertificateFromPersonalStore)
Delete expired or revoked certificates instead of archiving them.
|
EnrollmentFlagsV2.Builder |
userInteractionRequired(Boolean userInteractionRequired)
Require user interaction when the subject is enrolled and the private key associated with the certificate is
used.
|
equalsBySdkFields, sdkFieldscopyapplyMutation, buildEnrollmentFlagsV2.Builder enableKeyReuseOnNtTokenKeysetStorageFull(Boolean enableKeyReuseOnNtTokenKeysetStorageFull)
Allow renewal using the same key.
enableKeyReuseOnNtTokenKeysetStorageFull - Allow renewal using the same key.EnrollmentFlagsV2.Builder includeSymmetricAlgorithms(Boolean includeSymmetricAlgorithms)
Include symmetric algorithms allowed by the subject.
includeSymmetricAlgorithms - Include symmetric algorithms allowed by the subject.EnrollmentFlagsV2.Builder noSecurityExtension(Boolean noSecurityExtension)
This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.
noSecurityExtension - This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT
(OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in
the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.EnrollmentFlagsV2.Builder removeInvalidCertificateFromPersonalStore(Boolean removeInvalidCertificateFromPersonalStore)
Delete expired or revoked certificates instead of archiving them.
removeInvalidCertificateFromPersonalStore - Delete expired or revoked certificates instead of archiving them.EnrollmentFlagsV2.Builder userInteractionRequired(Boolean userInteractionRequired)
Require user interaction when the subject is enrolled and the private key associated with the certificate is used.
userInteractionRequired - Require user interaction when the subject is enrolled and the private key associated with the
certificate is used.Copyright © 2023. All rights reserved.