| Class | Description |
|---|---|
| V1alpha2Certificate |
A Certificate resource should be created to ensure an up to date and signed x509 certificate is
stored in the Kubernetes Secret resource named in `spec.secretName`.
|
| V1alpha2CertificateList |
CertificateList is a list of Certificate
|
| V1alpha2CertificateRequest |
A CertificateRequest is used to request a signed certificate from one of the configured issuers.
|
| V1alpha2CertificateRequestList |
CertificateRequestList is a list of CertificateRequest
|
| V1alpha2CertificateRequestSpec |
Desired state of the CertificateRequest resource.
|
| V1alpha2CertificateRequestSpec.UsagesEnum.Adapter | |
| V1alpha2CertificateSpec |
Desired state of the Certificate resource.
|
| V1alpha2CertificateSpec.KeyAlgorithmEnum.Adapter | |
| V1alpha2CertificateSpec.KeyEncodingEnum.Adapter | |
| V1alpha2CertificateSpec.UsagesEnum.Adapter | |
| V1alpha2CertificateSpecPrivateKey |
Options to control private keys used for the Certificate.
|
| V1alpha2CertificateSpecSubject |
Full X509 name specification (https://golang.org/pkg/crypto/x509/pkix/#Name).
|
| V1alpha2Challenge |
Challenge is a type to represent a Challenge request with an ACME server
|
| V1alpha2ChallengeList |
ChallengeList is a list of Challenge
|
| V1alpha2ClusterIssuer |
A ClusterIssuer represents a certificate issuing authority which can be referenced as part of
`issuerRef` fields.
|
| V1alpha2ClusterIssuerList |
ClusterIssuerList is a list of ClusterIssuer
|
| V1alpha2Issuer |
An Issuer represents a certificate issuing authority which can be referenced as part of
`issuerRef` fields.
|
| V1alpha2IssuerList |
IssuerList is a list of Issuer
|
| V1alpha2IssuerSpec |
Desired state of the Issuer resource.
|
| V1alpha2IssuerSpecAcme |
ACME configures this issuer to communicate with a RFC8555 (ACME) server to obtain signed x509
certificates.
|
| V1alpha2IssuerSpecAcmeDns01 |
Configures cert-manager to attempt to complete authorizations by performing the DNS01 challenge
flow.
|
| V1alpha2IssuerSpecAcmeDns01.CnameStrategyEnum.Adapter | |
| V1alpha2IssuerSpecAcmeDns01Acmedns |
Use the 'ACME DNS' (https://github.com/joohoi/acme-dns) API to manage DNS01 challenge
records.
|
| V1alpha2IssuerSpecAcmeDns01AcmednsAccountSecretRef |
A reference to a specific 'key' within a Secret resource.
|
| V1alpha2IssuerSpecAcmeDns01Akamai |
Use the Akamai DNS zone management API to manage DNS01 challenge records.
|
| V1alpha2IssuerSpecAcmeDns01Azuredns |
Use the Microsoft Azure DNS API to manage DNS01 challenge records.
|
| V1alpha2IssuerSpecAcmeDns01Azuredns.EnvironmentEnum.Adapter | |
| V1alpha2IssuerSpecAcmeDns01AzurednsClientSecretSecretRef |
if both this and ClientID are left unset MSI will be used
|
| V1alpha2IssuerSpecAcmeDns01Clouddns |
Use the Google Cloud DNS API to manage DNS01 challenge records.
|
| V1alpha2IssuerSpecAcmeDns01Cloudflare |
Use the Cloudflare API to manage DNS01 challenge records.
|
| V1alpha2IssuerSpecAcmeDns01CloudflareApiKeySecretRef |
API key to use to authenticate with Cloudflare.
|
| V1alpha2IssuerSpecAcmeDns01CloudflareApiTokenSecretRef |
API token used to authenticate with Cloudflare.
|
| V1alpha2IssuerSpecAcmeDns01Digitalocean |
Use the DigitalOcean DNS API to manage DNS01 challenge records.
|
| V1alpha2IssuerSpecAcmeDns01Rfc2136 |
Use RFC2136 (\"Dynamic Updates in the Domain Name System\")
(https://datatracker.ietf.org/doc/rfc2136/) to manage DNS01 challenge records.
|
| V1alpha2IssuerSpecAcmeDns01Rfc2136TsigSecretSecretRef |
The name of the secret containing the TSIG value.
|
| V1alpha2IssuerSpecAcmeDns01Route53 |
Use the AWS Route53 API to manage DNS01 challenge records.
|
| V1alpha2IssuerSpecAcmeDns01Route53SecretAccessKeySecretRef |
The SecretAccessKey is used for authentication.
|
| V1alpha2IssuerSpecAcmeDns01Webhook |
Configure an external webhook based DNS01 challenge solver to manage DNS01 challenge records.
|
| V1alpha2IssuerSpecAcmeExternalAccountBinding |
ExternalAccountBinding is a reference to a CA external account of the ACME server.
|
| V1alpha2IssuerSpecAcmeExternalAccountBinding.KeyAlgorithmEnum.Adapter | |
| V1alpha2IssuerSpecAcmeExternalAccountBindingKeySecretRef |
keySecretRef is a Secret Key Selector referencing a data item in a Kubernetes Secret which holds
the symmetric MAC key of the External Account Binding.
|
| V1alpha2IssuerSpecAcmeHttp01 |
Configures cert-manager to attempt to complete authorizations by performing the HTTP01 challenge
flow.
|
| V1alpha2IssuerSpecAcmeHttp01Ingress |
The ingress based HTTP01 challenge solver will solve challenges by creating or modifying Ingress
resources in order to route requests for '/.well-known/acme-challenge/XYZ' to
'challenge solver' pods that are provisioned by cert-manager for each Challenge to be
completed.
|
| V1alpha2IssuerSpecAcmeHttp01IngressIngressTemplate |
Optional ingress template used to configure the ACME challenge solver ingress used for HTTP01
challenges
|
| V1alpha2IssuerSpecAcmeHttp01IngressIngressTemplateMetadata |
ObjectMeta overrides for the ingress used to solve HTTP01 challenges.
|
| V1alpha2IssuerSpecAcmeHttp01IngressPodTemplate |
Optional pod template used to configure the ACME challenge solver pods used for HTTP01 challenges
|
| V1alpha2IssuerSpecAcmeHttp01IngressPodTemplateMetadata |
ObjectMeta overrides for the pod used to solve HTTP01 challenges.
|
| V1alpha2IssuerSpecAcmeHttp01IngressPodTemplateSpec |
PodSpec defines overrides for the HTTP01 challenge solver pod.
|
| V1alpha2IssuerSpecAcmeHttp01IngressPodTemplateSpecAffinity |
If specified, the pod's scheduling constraints
|
| V1alpha2IssuerSpecAcmeHttp01IngressPodTemplateSpecAffinityNodeAffinity |
Describes node affinity scheduling rules for the pod.
|
| V1alpha2IssuerSpecAcmeHttp01IngressPodTemplateSpecAffinityNodeAffinityPreference |
A node selector term, associated with the corresponding weight.
|
| V1alpha2IssuerSpecAcmeHttp01IngressPodTemplateSpecAffinityNodeAffinityPreferenceMatchExpressions |
A node selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
|
| V1alpha2IssuerSpecAcmeHttp01IngressPodTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution |
An empty preferred scheduling term matches all objects with implicit weight 0 (i.e.
|
| V1alpha2IssuerSpecAcmeHttp01IngressPodTemplateSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution |
If the affinity requirements specified by this field are not met at scheduling time, the pod will
not be scheduled onto the node.
|
| V1alpha2IssuerSpecAcmeHttp01IngressPodTemplateSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms |
A null or empty node selector term matches no objects.
|
| V1alpha2IssuerSpecAcmeHttp01IngressPodTemplateSpecAffinityPodAffinity |
Describes pod affinity scheduling rules (e.g.
|
| V1alpha2IssuerSpecAcmeHttp01IngressPodTemplateSpecAffinityPodAffinityPodAffinityTerm |
Required.
|
| V1alpha2IssuerSpecAcmeHttp01IngressPodTemplateSpecAffinityPodAffinityPodAffinityTermLabelSelector |
A label query over a set of resources, in this case pods.
|
| V1alpha2IssuerSpecAcmeHttp01IngressPodTemplateSpecAffinityPodAffinityPodAffinityTermLabelSelectorMatchExpressions |
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
|
| V1alpha2IssuerSpecAcmeHttp01IngressPodTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecution |
The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the
most preferred node(s)
|
| V1alpha2IssuerSpecAcmeHttp01IngressPodTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution |
Defines a set of pods (namely those matching the labelSelector relative to the given
namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity)
with, where co-located is defined as running on a node whose value of the label with key
<topologyKey> matches that of any node on which a pod of the set of pods is running
|
| V1alpha2IssuerSpecAcmeHttp01IngressPodTemplateSpecAffinityPodAntiAffinity |
Describes pod anti-affinity scheduling rules (e.g.
|
| V1alpha2IssuerSpecAcmeHttp01IngressPodTemplateSpecTolerations |
The pod this Toleration is attached to tolerates any taint that matches the triple
<key,value,effect> using the matching operator <operator>.
|
| V1alpha2IssuerSpecAcmePrivateKeySecretRef |
PrivateKey is the name of a Kubernetes Secret resource that will be used to store the
automatically generated ACME account private key.
|
| V1alpha2IssuerSpecAcmeSelector |
Selector selects a set of DNSNames on the Certificate resource that should be solved using this
challenge solver.
|
| V1alpha2IssuerSpecAcmeSolvers |
Configures an issuer to solve challenges using the specified options.
|
| V1alpha2IssuerSpecCa |
CA configures this issuer to sign certificates using a signing CA keypair stored in a Secret
resource.
|
| V1alpha2IssuerSpecSelfSigned |
SelfSigned configures this issuer to 'self sign' certificates using the private key used
to create the CertificateRequest object.
|
| V1alpha2IssuerSpecVault |
Vault configures this issuer to sign certificates using a HashiCorp Vault PKI backend.
|
| V1alpha2IssuerSpecVaultAuth |
Auth configures how cert-manager authenticates with the Vault server.
|
| V1alpha2IssuerSpecVaultAuthAppRole |
AppRole authenticates with Vault using the App Role auth mechanism, with the role and secret
stored in a Kubernetes Secret resource.
|
| V1alpha2IssuerSpecVaultAuthAppRoleSecretRef |
Reference to a key in a Secret that contains the App Role secret used to authenticate with Vault.
|
| V1alpha2IssuerSpecVaultAuthKubernetes |
Kubernetes authenticates with Vault by passing the ServiceAccount token stored in the named
Secret resource to the Vault server.
|
| V1alpha2IssuerSpecVaultAuthKubernetesSecretRef |
The required Secret field containing a Kubernetes ServiceAccount JWT used for authenticating with
Vault.
|
| V1alpha2IssuerSpecVaultAuthTokenSecretRef |
TokenSecretRef authenticates with Vault by presenting a token.
|
| V1alpha2IssuerSpecVenafi |
Venafi configures this issuer to sign certificates using a Venafi TPP or Venafi Cloud policy
zone.
|
| V1alpha2IssuerSpecVenafiCloud |
Cloud specifies the Venafi cloud configuration settings.
|
| V1alpha2IssuerSpecVenafiCloudApiTokenSecretRef |
APITokenSecretRef is a secret key selector for the Venafi Cloud API token.
|
| V1alpha2IssuerSpecVenafiTpp |
TPP specifies Trust Protection Platform configuration settings.
|
| V1alpha2IssuerSpecVenafiTppCredentialsRef |
CredentialsRef is a reference to a Secret containing the username and password for the TPP
server.
|
| V1alpha2IssuerStatus |
Status of the Issuer.
|
| V1alpha2IssuerStatusAcme |
ACME specific status options.
|
| V1alpha2IssuerStatusConditions |
IssuerCondition contains condition information for an Issuer.
|
| V1alpha2IssuerStatusConditions.StatusEnum.Adapter | |
| V1alpha2Order |
Order is a type to represent an Order with an ACME server
|
| V1alpha2OrderList |
OrderList is a list of Order
|
| V1alpha3Certificate |
A Certificate resource should be created to ensure an up to date and signed x509 certificate is
stored in the Kubernetes Secret resource named in `spec.secretName`.
|
| V1alpha3CertificateList |
CertificateList is a list of Certificate
|
| V1alpha3CertificateRequest |
A CertificateRequest is used to request a signed certificate from one of the configured issuers.
|
| V1alpha3CertificateRequestList |
CertificateRequestList is a list of CertificateRequest
|
| V1alpha3CertificateSpec |
Desired state of the Certificate resource.
|
| V1alpha3CertificateSpec.KeyAlgorithmEnum.Adapter | |
| V1alpha3CertificateSpec.KeyEncodingEnum.Adapter | |
| V1alpha3CertificateSpec.UsagesEnum.Adapter | |
| V1alpha3Challenge |
Challenge is a type to represent a Challenge request with an ACME server
|
| V1alpha3ChallengeList |
ChallengeList is a list of Challenge
|
| V1alpha3ChallengeSpec |
V1alpha3ChallengeSpec
|
| V1alpha3ChallengeSpec.TypeEnum.Adapter | |
| V1alpha3ChallengeSpecIssuerRef |
IssuerRef references a properly configured ACME-type Issuer which should be used to create this
Challenge.
|
| V1alpha3ChallengeSpecSolver |
Solver contains the domain solving configuration that should be used to solve this challenge
resource.
|
| V1alpha3ChallengeStatus |
V1alpha3ChallengeStatus
|
| V1alpha3ChallengeStatus.StateEnum.Adapter | |
| V1alpha3ClusterIssuer |
A ClusterIssuer represents a certificate issuing authority which can be referenced as part of
`issuerRef` fields.
|
| V1alpha3ClusterIssuerList |
ClusterIssuerList is a list of ClusterIssuer
|
| V1alpha3ClusterIssuerSpec |
Desired state of the ClusterIssuer resource.
|
| V1alpha3ClusterIssuerStatus |
Status of the ClusterIssuer.
|
| V1alpha3Issuer |
An Issuer represents a certificate issuing authority which can be referenced as part of
`issuerRef` fields.
|
| V1alpha3IssuerList |
IssuerList is a list of Issuer
|
| V1alpha3Order |
Order is a type to represent an Order with an ACME server
|
| V1alpha3OrderList |
OrderList is a list of Order
|
| V1alpha3OrderSpec |
V1alpha3OrderSpec
|
| V1beta1Certificate |
A Certificate resource should be created to ensure an up to date and signed x509 certificate is
stored in the Kubernetes Secret resource named in `spec.secretName`.
|
| V1beta1CertificateList |
CertificateList is a list of Certificate
|
| V1beta1CertificateRequest |
A CertificateRequest is used to request a signed certificate from one of the configured issuers.
|
| V1beta1CertificateRequestList |
CertificateRequestList is a list of CertificateRequest
|
| V1beta1CertificateRequestSpec |
Desired state of the CertificateRequest resource.
|
| V1beta1CertificateRequestSpec.UsagesEnum.Adapter | |
| V1beta1CertificateRequestSpecIssuerRef |
IssuerRef is a reference to the issuer for this CertificateRequest.
|
| V1beta1CertificateRequestStatus |
Status of the CertificateRequest.
|
| V1beta1CertificateRequestStatusConditions |
CertificateRequestCondition contains condition information for a CertificateRequest.
|
| V1beta1CertificateRequestStatusConditions.StatusEnum.Adapter | |
| V1beta1CertificateSpec |
Desired state of the Certificate resource.
|
| V1beta1CertificateSpec.UsagesEnum.Adapter | |
| V1beta1CertificateSpecIssuerRef |
IssuerRef is a reference to the issuer for this certificate.
|
| V1beta1CertificateSpecKeystores |
Keystores configures additional keystore output formats stored in the `secretName`
Secret resource.
|
| V1beta1CertificateSpecKeystoresJks |
JKS configures options for storing a JKS keystore in the `spec.secretName` Secret
resource.
|
| V1beta1CertificateSpecKeystoresJksPasswordSecretRef |
PasswordSecretRef is a reference to a key in a Secret resource containing the password used to
encrypt the JKS keystore.
|
| V1beta1CertificateSpecKeystoresPkcs12 |
PKCS12 configures options for storing a PKCS12 keystore in the `spec.secretName` Secret
resource.
|
| V1beta1CertificateSpecKeystoresPkcs12PasswordSecretRef |
PasswordSecretRef is a reference to a key in a Secret resource containing the password used to
encrypt the PKCS12 keystore.
|
| V1beta1CertificateSpecPrivateKey |
Options to control private keys used for the Certificate.
|
| V1beta1CertificateSpecPrivateKey.AlgorithmEnum.Adapter | |
| V1beta1CertificateSpecPrivateKey.EncodingEnum.Adapter | |
| V1beta1CertificateSpecSubject |
Full X509 name specification (https://golang.org/pkg/crypto/x509/pkix/#Name).
|
| V1beta1CertificateStatus |
Status of the Certificate.
|
| V1beta1CertificateStatusConditions |
CertificateCondition contains condition information for an Certificate.
|
| V1beta1CertificateStatusConditions.StatusEnum.Adapter | |
| V1beta1Challenge |
Challenge is a type to represent a Challenge request with an ACME server
|
| V1beta1ChallengeList |
ChallengeList is a list of Challenge
|
| V1beta1ChallengeSpec |
V1beta1ChallengeSpec
|
| V1beta1ChallengeSpec.TypeEnum.Adapter | |
| V1beta1ChallengeSpecIssuerRef |
References a properly configured ACME-type Issuer which should be used to create this Challenge.
|
| V1beta1ChallengeSpecSolver |
Contains the domain solving configuration that should be used to solve this challenge resource.
|
| V1beta1ChallengeSpecSolverDns01 |
Configures cert-manager to attempt to complete authorizations by performing the DNS01 challenge
flow.
|
| V1beta1ChallengeSpecSolverDns01.CnameStrategyEnum.Adapter | |
| V1beta1ChallengeStatus |
V1beta1ChallengeStatus
|
| V1beta1ChallengeStatus.StateEnum.Adapter | |
| V1beta1ClusterIssuer |
A ClusterIssuer represents a certificate issuing authority which can be referenced as part of
`issuerRef` fields.
|
| V1beta1ClusterIssuerList |
ClusterIssuerList is a list of ClusterIssuer
|
| V1beta1ClusterIssuerSpec |
Desired state of the ClusterIssuer resource.
|
| V1beta1Issuer |
An Issuer represents a certificate issuing authority which can be referenced as part of
`issuerRef` fields.
|
| V1beta1IssuerList |
IssuerList is a list of Issuer
|
| V1beta1IssuerSpec |
Desired state of the Issuer resource.
|
| V1beta1IssuerSpecAcme |
ACME configures this issuer to communicate with a RFC8555 (ACME) server to obtain signed x509
certificates.
|
| V1beta1IssuerSpecAcmeSolvers |
Configures an issuer to solve challenges using the specified options.
|
| V1beta1Order |
Order is a type to represent an Order with an ACME server
|
| V1beta1OrderList |
OrderList is a list of Order
|
| V1beta1OrderSpec |
V1beta1OrderSpec
|
| V1beta1OrderSpecIssuerRef |
IssuerRef references a properly configured ACME-type Issuer which should be used to create this
Order.
|
| V1beta1OrderStatus |
V1beta1OrderStatus
|
| V1beta1OrderStatus.StateEnum.Adapter | |
| V1beta1OrderStatusAuthorizations |
ACMEAuthorization contains data returned from the ACME server on an authorization that must be
completed in order validate a DNS name on an ACME Order resource.
|
| V1beta1OrderStatusAuthorizations.InitialStateEnum.Adapter | |
| V1beta1OrderStatusChallenges |
Challenge specifies a challenge offered by the ACME server for an Order.
|
| Enum | Description |
|---|---|
| V1alpha2CertificateRequestSpec.UsagesEnum |
KeyUsage specifies valid usage contexts for keys.
|
| V1alpha2CertificateSpec.KeyAlgorithmEnum |
KeyAlgorithm is the private key algorithm of the corresponding private key for this
certificate.
|
| V1alpha2CertificateSpec.KeyEncodingEnum |
KeyEncoding is the private key cryptography standards (PKCS) for this certificate's private
key to be encoded in.
|
| V1alpha2CertificateSpec.UsagesEnum |
KeyUsage specifies valid usage contexts for keys.
|
| V1alpha2IssuerSpecAcmeDns01.CnameStrategyEnum |
CNAMEStrategy configures how the DNS01 provider should handle CNAME records when found in DNS
zones.
|
| V1alpha2IssuerSpecAcmeDns01Azuredns.EnvironmentEnum |
Gets or Sets environment
|
| V1alpha2IssuerSpecAcmeExternalAccountBinding.KeyAlgorithmEnum |
keyAlgorithm is the MAC key algorithm that the key is used for.
|
| V1alpha2IssuerStatusConditions.StatusEnum |
Status of the condition, one of ('True', 'False', 'Unknown').
|
| V1alpha3CertificateSpec.KeyAlgorithmEnum |
KeyAlgorithm is the private key algorithm of the corresponding private key for this
certificate.
|
| V1alpha3CertificateSpec.KeyEncodingEnum |
KeyEncoding is the private key cryptography standards (PKCS) for this certificate's private
key to be encoded in.
|
| V1alpha3CertificateSpec.UsagesEnum |
KeyUsage specifies valid usage contexts for keys.
|
| V1alpha3ChallengeSpec.TypeEnum |
Type is the type of ACME challenge this resource represents.
|
| V1alpha3ChallengeStatus.StateEnum |
State contains the current 'state' of the challenge.
|
| V1beta1CertificateRequestSpec.UsagesEnum |
KeyUsage specifies valid usage contexts for keys.
|
| V1beta1CertificateRequestStatusConditions.StatusEnum |
Status of the condition, one of ('True', 'False', 'Unknown').
|
| V1beta1CertificateSpec.UsagesEnum |
KeyUsage specifies valid usage contexts for keys.
|
| V1beta1CertificateSpecPrivateKey.AlgorithmEnum |
Algorithm is the private key algorithm of the corresponding private key for this certificate.
|
| V1beta1CertificateSpecPrivateKey.EncodingEnum |
The private key cryptography standards (PKCS) encoding for this certificate's private key
to be encoded in.
|
| V1beta1CertificateStatusConditions.StatusEnum |
Status of the condition, one of ('True', 'False', 'Unknown').
|
| V1beta1ChallengeSpec.TypeEnum |
The type of ACME challenge this resource represents.
|
| V1beta1ChallengeSpecSolverDns01.CnameStrategyEnum |
CNAMEStrategy configures how the DNS01 provider should handle CNAME records when found in DNS
zones.
|
| V1beta1ChallengeStatus.StateEnum |
Contains the current 'state' of the challenge.
|
| V1beta1OrderStatus.StateEnum |
State contains the current state of this Order resource.
|
| V1beta1OrderStatusAuthorizations.InitialStateEnum |
InitialState is the initial state of the ACME authorization when first fetched from the ACME
server.
|
Copyright © 2020. All rights reserved.