Self-Signed CA

class SelfSignedCA(api)

Bases: _CertificateAuthorityBase

create(name, parent_folder, description=None, contacts=None, key_usage=None, server_authentication=None, client_authentication=None, code_signing=None, signature_algorithm=None, valid_years=None, valid_days=None, attributes=None, get_if_already_exists=True)
Parameters
  • name (str) – Name of the CA object.

  • parent_folder (Union[config.Object, str]) – Config Object or Distinguished Name (DN) of the parent folder of this certificate authority object.

  • description (str) – Description of the CA object.

  • contacts (List[ident.Identity, str]) – List of Identity Objects or Prefixed Names of the contacts.

  • key_usage (List[str]) – List of key usages.

  • server_authentication (bool) – Allow server authentication.

  • client_authentication (bool) – Allow client authentication.

  • code_signing (bool) – Allow code signing.

  • signature_algorithm (str) – Signing algorithm.

  • valid_years (int) – Validity period in years.

  • valid_days (int) – Validity period in days. Added to valid_years.

  • attributes (dict) – Additional attributes associated with the CA object.

  • get_if_already_exists (bool) – If the object already exists, just return it as is.

Returns

Config Object of the certificate authority.

delete(certificate_authority)

Deletes the certificate authority object from TPP, including all of the secrets associated with it.

Parameters

  • certificate_authority (Union[config.Object, str]) – Config Object or Distinguished Name (DN) for the certificate authority object.

get(certificate_authority_dn, raise_error_if_not_exists=True)

Get the certificate authority object in TPP.

Parameters
Returns

Config Object of the certificate authority.