DefaultKeyUsages contains the default list of key usages.

AllowsInjectionFromSecretAnnotation is an annotation that must be added to Secret resource that want to denote that they can be directly injected into injectables that have a `inject-ca-from-secret` annotation.

Annotation names for Secrets.

CertificateConditionReady indicates that a certificate is ready for use.

Annotation names for Secrets.

CertificateRequestConditionReady indicates that a certificate is ready for use.

Annotation names for Secrets.

ConditionFalse represents the fact that a given condition is false.

ConditionTrue represents the fact that a given condition is true.

ConditionUnknown represents the fact that a given condition is unknown.

Annotation names for CertificateRequests.

default certificate duration if Issuer.spec.duration is not set.

Default duration before certificate expiration if Issuer.spec.renewBefore is not set.

Errored signifies that the ACME resource has errored for some reason.

Expired signifies that an ACME resource has expired.

FollowStrategy will cause cert-manager to recurse through CNAMEs in order to determine which DNS zone to update during DNS01 challenges.

Invalid signifies that an ACME resource is invalid for some reason.

Annotation names for Secrets.

IssuerConditionReady represents the fact that a given Issuer condition is in ready state.

Annotation names for Secrets.

Annotation names for Secrets.

minimum permitted certificate duration by cert-manager.

minimum certificate duration before certificate expiration.

NoneStrategy indicates that no CNAME resolution strategy should be used when determining which DNS zone to update during DNS01 challenges.

Pending signifies that an ACME resource is still pending and is not yet ready.

Processing signifies that an ACME resource is being processed by the server.

Ready signifies that an ACME resource is in a ready state.

Unknown is not a real state as part of the ACME spec.

Valid signifies that an ACME resource is in a valid state.

WantInjectAnnotation is the annotation that specifies that a particular object wants injection of CAs.

WantInjectAPIServerCAAnnotation, if set to "true", will make the cainjector inject the CA certificate for the Kubernetes apiserver into the resource.

WantInjectFromSecretAnnotation is the annotation that specifies that a particular object wants injection of CAs.

AddToScheme adds the types in this group-version to the given scheme.

GroupVersion is group version used to register these objects.

SchemeBuilder is used to add go types to the GroupVersionKind scheme.

ACMECertificateConfig contains the configuration for the ACME certificate provider.

ACMEChallengeSolverHTTP01 contains configuration detailing how to solve HTTP01 challenges within a Kubernetes cluster.

ACMEIssuer contains the specification for an ACME issuer.

ACMEIssuerDNS01Config is a structure containing the ACME DNS configuration options.

ACMEIssuerDNS01Provider contains configuration for a DNS provider that can be used to solve ACME DNS01 challenges.

ACMEIssuerDNS01ProviderAcmeDNS is a structure containing the configuration for ACME-DNS servers.

ACMEIssuerDNS01ProviderAkamai is a structure containing the DNS configuration for Akamai DNS—Zone Record Management API.

ACMEIssuerDNS01ProviderAzureDNS is a structure containing the configuration for Azure DNS.

ACMEIssuerDNS01ProviderCloudDNS is a structure containing the DNS configuration for Google Cloud DNS.

ACMEIssuerDNS01ProviderCloudflare is a structure containing the DNS configuration for Cloudflare.

ACMEIssuerDNS01ProviderDigitalOcean is a structure containing the DNS configuration for DigitalOcean Domains.

ACMEIssuerDNS01ProviderRFC2136 is a structure containing the configuration for RFC2136 DNS.

ACMEIssuerDNS01ProviderRoute53 is a structure containing the Route 53 configuration for AWS.

ACMEIssuerDNS01ProviderWebhook specifies configuration for a webhook DNS01 provider, including where to POST ChallengePayload resources.

ACMEIssuerHTTP01Config is a structure containing the ACME HTTP configuration options.

Certificate is the Schema for the certificates API.

CertificateCondition contains condition information for an Certificate.

CertificateDomainSelector selects certificates using a label selector, and can optionally select individual DNS names within those certificates.

CertificateList contains a list of Certificate.

CertificateRequest is the Schema for the certificaterequests API.

CertificateRequestCondition contains condition information for a CertificateRequest.

CertificateRequestList contains a list of CertificateRequest.

CertificateRequestSpec defines the desired state of CertificateRequest.

CertificateRequestStatus defines the observed state of CertificateRequest and resulting signed certificate.

CertificateSpec defines the desired state of Certificate.

CertificateStatus defines the observed state of Certificate.

Challenge is the Schema for the challenges API.

ChallengeList contains a list of Challenge.

ChallengeSpec defines the desired state of Challenge.

ChallengeStatus defines the observed state of Challenge.

+kubebuilder:printcolumn:name="Ready",type="string",JSONPath=".status.conditions[?(@.type==\"Ready\")].status" +kubebuilder:resource:path=clusterissuers,scope=Cluster Documentation For additional details regarding install parameters check: https://ibm.biz/icpfs39install.

ClusterIssuerList is a list of Issuers.

DNS01SolverConfig contains solver configuration for DNS01 challenges.

DomainSolverConfig contains solver configuration for a set of domains.

HTTP01SolverConfig contains solver configuration for HTTP01 challenges.

Issuer is the Schema for the issuers API.

IssuerCondition contains condition information for an Issuer.

IssuerList contains a list of Issuer.

IssuerSpec defines the desired state of Issuer.

IssuerStatus defines the observed state of Issuer.

ObjectReference is a reference to an object with a given name, kind and group.

Order is the Schema for the orders API.

OrderList contains a list of Order.

OrderSpec defines the desired state of Order.

OrderStatus defines the observed state of Order.

SolverConfig is a container type holding the configuration for either a HTTP01 or DNS01 challenge.

Vault authentication can be configured: - With a secret containing a token.

VenafiCloud defines connection configuration details for Venafi Cloud.

VenafiIssuer describes issuer configuration details for Venafi Cloud.

+kubebuilder:validation:Enum=AzurePublicCloud;AzureChinaCloud;AzureGermanCloud;AzureUSGovernmentCloud.

CertificateConditionType represents an Certificate condition value.

CertificateRequestConditionType represents an Certificate condition value.

CNAMEStrategy configures how the DNS01 provider should handle CNAME records when found in DNS zones.

ConditionStatus represents a condition's status.

IssuerConditionType represents an Issuer condition value.

+kubebuilder:validation:Enum=rsa;ecdsa.

+kubebuilder:validation:Enum=pkcs1;pkcs8.

KeyUsage specifies valid usage contexts for keys.

State represents the state of an ACME resource, such as an Order.