CertificatePolicyProperties interface
An interface representing a certificate's policy (without the subject properties).
Properties
| certificate |
Indicates if the certificates generated under this policy should be published to certificate transparency logs. |
| certificate |
Type of certificate to be requested from the issuer provider. |
| content |
The media type (MIME type). Set to |
| created |
When the certificate was created. |
| enabled | Determines whether the object is enabled. |
| enhanced |
The enhanced key usage. |
| exportable | Whether or not the certificate can be exported |
| issuer |
Name of the referenced issuer object or reserved names; for example, 'Self' or 'Unknown'. |
| key |
Elliptic curve name. Possible values include: 'P-256', 'P-384', 'P-521', 'P-256K' |
| key |
The key size in bits. For example: 2048, 3072, or 4096 for RSA. |
| key |
The type of key pair to be used for the certificate. Possible values include: 'EC', 'EC-HSM', 'RSA', 'RSA-HSM', 'oct' |
| key |
List of key usages. |
| lifetime |
Actions that will be performed by Key Vault over the lifetime of a certificate. |
| platform |
Configuration that enables the platform to manage the certificate on behalf of the user. |
| reuse |
Indicates if the same key pair will be used on certificate renewal. |
| updated |
When the object was updated. |
| validity |
The duration that the certificate is valid in months. |
Property Details
certificateTransparency
Indicates if the certificates generated under this policy should be published to certificate transparency logs.
certificateTransparency?: booleanProperty Value
boolean
certificateType
Type of certificate to be requested from the issuer provider.
certificateType?: stringProperty Value
string
contentType
The media type (MIME type).
Set to application/x-pkcs12 when the certificate contains your PKCS#12/PFX bytes,
or to application/x-pem-file when the certificate contains your ASCII PEM-encoded bytes.
contentType?: CertificateContentTypeProperty Value
createdOn
When the certificate was created.
createdOn?: DateProperty Value
Date
enabled
Determines whether the object is enabled.
enabled?: booleanProperty Value
boolean
enhancedKeyUsage
The enhanced key usage.
enhancedKeyUsage?: string[]Property Value
string[]
exportable
Whether or not the certificate can be exported
exportable?: booleanProperty Value
boolean
issuerName
Name of the referenced issuer object or reserved names; for example, 'Self' or 'Unknown'.
issuerName?: stringProperty Value
string
keyCurveName
Elliptic curve name. Possible values include: 'P-256', 'P-384', 'P-521', 'P-256K'
keyCurveName?: stringProperty Value
string
keySize
The key size in bits. For example: 2048, 3072, or 4096 for RSA.
keySize?: numberProperty Value
number
keyType
The type of key pair to be used for the certificate. Possible values include: 'EC', 'EC-HSM', 'RSA', 'RSA-HSM', 'oct'
keyType?: stringProperty Value
string
keyUsage
List of key usages.
keyUsage?: string[]Property Value
string[]
lifetimeActions
Actions that will be performed by Key Vault over the lifetime of a certificate.
lifetimeActions?: LifetimeAction[]Property Value
platformManaged
Configuration that enables the platform to manage the certificate on behalf of the user.
platformManaged?: PlatformManagedProperty Value
Remarks
This feature is currently intended for internal Azure Key Vault usage only.
Any calls using this property will fail and it is not recommended to be used at this point.
Requires serviceVersion: "2026-03-01-preview" on the CertificateClient.
reuseKey
Indicates if the same key pair will be used on certificate renewal.
reuseKey?: booleanProperty Value
boolean
updatedOn
When the object was updated.
updatedOn?: DateProperty Value
Date
validityInMonths
The duration that the certificate is valid in months.
validityInMonths?: numberProperty Value
number
