Amazon Private CA · JSON Structure

Amazon Private Ca Certificate Authority Configuration Structure

Contains configuration information for your private certificate authority (CA). This includes information about the class of public key algorithm and the key pair that your private CA creates when it issues a certificate. It also includes the signature algorithm that it uses when issuing certificates, and its X.500 distinguished name. You must specify this information when you call the CreateCertificateAuthority action.

Type: object Properties: 4 Required: 3
Certificate AuthorityCertificatesPKISecurityX.509TLSIoT

CertificateAuthorityConfiguration is a JSON Structure definition published by Amazon Private CA, describing 4 properties, of which 3 are required. It conforms to the https://json-structure.org/meta/core/v0/# meta-schema.

Properties

KeyAlgorithm SigningAlgorithm Subject CsrExtensions

Meta-schema: https://json-structure.org/meta/core/v0/#

JSON Structure

Raw ↑ 
{
  "$schema": "https://json-structure.org/meta/core/v0/#",
  "$id": "https://raw.githubusercontent.com/api-evangelist/amazon-private-ca/refs/heads/main/json-structure/amazon-private-ca-certificate-authority-configuration-structure.json",
  "name": "CertificateAuthorityConfiguration",
  "description": "Contains configuration information for your private certificate authority (CA). This includes information about the class of public key algorithm and the key pair that your private CA creates when it issues a certificate. It also includes the signature algorithm that it uses when issuing certificates, and its X.500 distinguished name. You must specify this information when you call the <a href=\"https://docs.aws.amazon.com/privateca/latest/APIReference/API_CreateCertificateAuthority.html\">CreateCertificateAuthority</a> action. ",
  "type": "object",
  "properties": {
    "KeyAlgorithm": {
      "allOf": [
        {
          "$ref": "#/components/schemas/KeyAlgorithm"
        },
        {
          "description": "Type of the public key algorithm and size, in bits, of the key pair that your CA creates when it issues a certificate. When you create a subordinate CA, you must use a key algorithm supported by the parent CA."
        }
      ]
    },
    "SigningAlgorithm": {
      "allOf": [
        {
          "$ref": "#/components/schemas/SigningAlgorithm"
        },
        {
          "description": "<p>Name of the algorithm your private CA uses to sign certificate requests.</p> <p>This parameter should not be confused with the <code>SigningAlgorithm</code> parameter used to sign certificates when they are issued.</p>"
        }
      ]
    },
    "Subject": {
      "allOf": [
        {
          "$ref": "#/components/schemas/ASN1Subject"
        },
        {
          "description": "Structure that contains X.500 distinguished name information for your private CA."
        }
      ]
    },
    "CsrExtensions": {
      "allOf": [
        {
          "$ref": "#/components/schemas/CsrExtensions"
        },
        {
          "description": "Specifies information to be added to the extension section of the certificate signing request (CSR)."
        }
      ]
    }
  },
  "required": [
    "KeyAlgorithm",
    "SigningAlgorithm",
    "Subject"
  ]
}